附带的屏幕截图是错误。没有stderr消息让我排除故障。我已经为S3设置了必要的EC2 IAM访问权限。那可能是什么问题呢?
[ [
我还添加了IAM的用户需求,所以我不确定是什么问题
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:Get*",
"s3:List*"
],
"Resource": [
"arn:aws:s3:::codepipeline-ap-southeast-1-617020163322/*",
"arn:aws:s3:::aws-codedeploy-us-east-2/*",
"arn:aws:s3:::aws-codedeploy-us-east-1/*",
"arn:aws:s3:::aws-codedeploy-us-west-1/*",
"arn:aws:s3:::aws-codedeploy-us-west-2/*",
"arn:aws:s3:::aws-codedeploy-ca-central-1/*",
"arn:aws:s3:::aws-codedeploy-eu-west-1/*",
"arn:aws:s3:::aws-codedeploy-eu-west-2/*",
"arn:aws:s3:::aws-codedeploy-eu-west-3/*",
"arn:aws:s3:::aws-codedeploy-eu-central-1/*",
"arn:aws:s3:::aws-codedeploy-ap-northeast-1/*",
"arn:aws:s3:::aws-codedeploy-ap-northeast-2/*",
"arn:aws:s3:::aws-codedeploy-ap-southeast-1/*",
"arn:aws:s3:::aws-codedeploy-ap-southeast-2/*",
"arn:aws:s3:::aws-codedeploy-ap-south-1/*",
"arn:aws:s3:::aws-codedeploy-sa-east-1/*"
]
}
]
}
与DownloadBundle生命周期事件关联的错误是:
桶是“arn:aws:s3 ::: codepipeline-ap-southeast-1-617020163322”,捆绑存储在哪里?这个文件夹是由CodePipeline创建的吗?
如果是,我的建议是使用与CodePipeline使用的存储桶不同的存储桶来存储工件。特别是因为您需要使用bucket policy为您的实例授予下载应用程序修订版所需的权限。
我有同样的问题,并能够解决它。我忘记在我的EC2 Assume Role中添加KMS权限。我的S3工件桶使用KMS加密,因此CodePipeline使用KMS,它会将ACCESS DENIED抛出到S3存储桶。虽然错误不够友好,无法告诉用户实际问题是什么。