我创建了一个使用 docker image for node8 的 CodeBuild 项目.此 CodeBuild 项目的目的是进行单元测试。它从 CodeCommit 获取一个输入项目。并在 buildspec.yml 中运行测试命令。
这是我的(简单的)buildspec 文件:
version: 0.2
phases:
install:
commands:
- echo "install phase started"
- npm install
- echo "install phase ended"
pre_build:
commands:
- echo "pre_build aka test phase started"
- echo "mocha unit test"
- npm test
- echo "mocha unit test ended"
build:
commands:
- echo "build phase started"
- echo "build complete"
构建在 DOWNLOAD_SOURCE 阶段失败,原因如下:
PHASE - DOWNLOAD_SOURCE
Start time 2 minutes ago
End time 2 minutes ago
Message Access Denied
构建日志中唯一的日志如下
[Container] 2018/01/12 11:30:22 Waiting for agent ping
[Container] 2018/01/12 11:30:22 Waiting for DOWNLOAD_SOURCE
提前致谢。
CodeBuild 政策的屏幕截图。
最佳答案
我找到了解决办法。这是我的权限问题。我添加了这个以使其工作。
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Resource": [
"arn:aws:logs:eu-west-1:723698621383:log-group:/aws/codebuild/project",
"arn:aws:logs:eu-west-1:723698621383:log-group:/aws/codebuild/project:*"
],
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
]
},
{
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::codepipeline-eu-west-1-*"
],
"Action": [
"s3:PutObject",
"s3:GetObject",
"s3:GetObjectVersion"
]
},
{
"Effect": "Allow",
"Action": [
"ssm:GetParameters"
],
"Resource": "arn:aws:ssm:eu-west-1:723698621383:parameter/CodeBuild/*"
}
]
}
关于node.js - 下载源代码时 AWS Codebuild 失败。消息 : Access Denied,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/48225778/