Closed jithinjudepaule closed 3 years ago
Hi Try to follow this to create user and role . then assign policy to the role .
Can you please share the credentials file with all the information masked out . Which is there in the dot aWS directory
Did you also try the following assume role concept
Also this stackoverflow article has explained the i a m best practice to operate as non root user account https://stackoverflow.com/a/55420064
Thanks @kurtzace that worked like charm!! I had to assume the role which had admin access to my non root account and mere AWS IAm credentials with Administrator access policy didn't work .
However I am getting the below error now
15/17 | 11:34:31 PM | CREATE_FAILED | AWS::CodePipeline::Pipeline | Pipeline/Pipeline (Pipeline9850B417) Internal Failure
new Pipeline (F:\GitRepos\cdkpipelinesdemo\cdkpipelines-demo\node_modules\@aws-cdk\aws-codepipeline\lib\pipeline.ts:255:26)
\_ new CdkPipeline (F:\GitRepos\cdkpipelinesdemo\cdkpipelines-demo\node_modules\@aws-cdk\pipelines\lib\pipeline.ts:75:22)
\_ new CdkpipelinesDemoPipelineStack (F:\GitRepos\cdkpipelinesdemo\cdkpipelines-demo\lib\cdkpipelines-demo-pipeline-stack.ts:16:22)
\_ Object.<anonymous> (F:\GitRepos\cdkpipelinesdemo\cdkpipelines-demo\bin\cdkpipelines-demo.ts:7:1)
\_ Module._compile (internal/modules/cjs/loader.js:1138:30)
\_ Module.m._compile (F:\GitRepos\cdkpipelinesdemo\cdkpipelines-demo\node_modules\ts-node\src\index.ts:858:23)
\_ Module._extensions..js (internal/modules/cjs/loader.js:1158:10)
\_ Object.require.extensions.<computed> [as .ts] (F:\GitRepos\cdkpipelinesdemo\cdkpipelines-demo\node_modules\ts-node\src\index.ts:861:12)
\_ Module.load (internal/modules/cjs/loader.js:986:32)
\_ Function.Module._load (internal/modules/cjs/loader.js:879:14)
\_ Function.executeUserEntryPoint [as runMain] (internal/modules/run_main.js:71:12)
\_ main (F:\GitRepos\cdkpipelinesdemo\cdkpipelines-demo\node_modules\ts-node\src\bin.ts:227:14)
\_ Object.<anonymous> (F:\GitRepos\cdkpipelinesdemo\cdkpipelines-demo\node_modules\ts-node\src\bin.ts:513:3)
\_ Module._compile (internal/modules/cjs/loader.js:1138:30)
\_ Object.Module._extensions..js (internal/modules/cjs/loader.js:1158:10)
\_ Module.load (internal/modules/cjs/loader.js:986:32)
\_ Function.Module._load (internal/modules/cjs/loader.js:879:14)
\_ Function.executeUserEntryPoint [as runMain] (internal/modules/run_main.js:71:12)
\_ internal/main/run_main_module.js:17:47
15/17 | 11:34:32 PM | ROLLBACK_IN_PROGRESS | AWS::CloudFormation::Stack | CdkpipelinesDemoPipelineStack The following resource(s) failed to create: [Pipeline9850B417].
@jithinjudepaule - would it be possible to share the pipeline part of the code that results in an internal failure?
It can be a bit tricky to diagnose those, but the first step would be to reproduce the error.
@shivlaks I am basically trying to build a cdk pipeline found in this post(https://aws.amazon.com/blogs/developer/cdk-pipelines-continuous-delivery-for-aws-cdk-applications/). I bootstrapped the environmnet using
npx cdk bootstrap \
--profile account1-profile \
--cloudformation-execution-policies arn:aws:iam::aws:policy/AdministratorAccess \
aws://xxxxxxxx/us-east-2
It worked fine for me. After that I deployed using the command:
npx cdk deploy \
--profile xxxxx-profile \
CdkpipelinesDemoPipelineStack
The deployment goes through deploying around 17 resources and it fails at the 14th resource and then rolls back the entire pipeline and deletes all the 14 resources. Guess the below line of code causes the issue as per the error reported in file: \cdkpipelines-demo\node_modules\@aws-cdk\pipelines\lib\pipeline.ts:75:22
if (props.artifactBucket && props.crossRegionReplicationBuckets) {
throw new Error('Only one of artifactBucket and crossRegionReplicationBuckets can be specified!');
}
// If a bucket has been provided, use it - otherwise, create a bucket.
let propsBucket = this.getArtifactBucketFromProps(props);
if (!propsBucket) {
const encryptionKey = new kms.Key(this, 'ArtifactsBucketEncryptionKey', {
// remove the key - there is a grace period of a few days before it's gone for good,
// that should be enough for any emergency access to the bucket artifacts
removalPolicy: core_1.RemovalPolicy.DESTROY,
});
The error says:
15/17 | 11:34:31 PM | CREATE_FAILED | AWS::CodePipeline::Pipeline | Pipeline/Pipeline (Pipeline9850B417) Internal Failure
Issue described here:
https://docs.aws.amazon.com/cdk/api/latest/docs/pipelines-readme.html#pipeline-internal-failure
Comments on closed issues are hard for our team to see. If you need more assistance, please either tag a team member or open a new issue that references this one. If you wish to keep having a conversation with other community members under this issue feel free to do so.
I created an admin
user(adminprod)
using my root account and I tried to bootstrap this environment by runningI configured the IAM user credentials via the
.aws/credentials
and.aws/config
file. However I am unable to bootstrap and I got the below error:The verbose version is: