search

aws-cloudformation / aws-cloudformation-resource-providers-codeartifact

The CloudFormation Resource Provider Package for the AWS CodeArtifact service
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/AWS_CodeArtifact.html
Apache License 2.0
27 stars 7 forks source link

Access Denied - When creating repo with attached "Upstreams" #36

Closed waderobson closed 3 years ago

waderobson commented 3 years ago

Describe the issue Ran into problems linking to an upstream repo created within the same stack. I remove the Upstreams section of the template things deploy fine.

To troubleshoot I edited the repository-resource-execution-role to have codeartifact:* - no change

To Reproduce Steps to reproduce the behavior: 1 . Deploy this template - observe Access denied for operation 'codeartifact:CreateRepository' error

Parameters:
  DomainName:
    Type: String
  RepoName:
    Type: String
Resources:
  CodeArtifactDomain:
    Type: AWSdevToolsBeta::CodeArtifact::Domain
    Properties:
      DomainName:
        Ref: DomainName
  PypiUpstreamRepository:
    DependsOn: CodeArtifactDomain
    Type: AWSdevToolsBeta::CodeArtifact::Repository
    Properties:
      RepositoryName: pypi-store
      DomainName:
        Ref: DomainName
      ExternalConnections:
       - public:pypi
  CodeArtifactRepository:
    DependsOn: PypiUpstreamRepository
    Type: AWSdevToolsBeta::CodeArtifact::Repository
    Properties:
      RepositoryName:
        Ref: RepoName
      DomainName:
        Ref: DomainName
      Upstreams:
       - pypi-store
  1. Comment out upstream and redeploy.

Expected behavior Successful deployment

Screenshots or logs image

jonjara commented 3 years ago

Thanks for the feedback, will look into this

waderobson commented 3 years ago

This is no longer an issue for me using the released version so far has been smooth sailing thanks