search

aws / aws-codedeploy-agent

Host Agent for AWS CodeDeploy
https://aws.amazon.com/codedeploy
Apache License 2.0
328 stars 188 forks source link

AccessDeniedException when changing agent user. #331

Closed mr-ayk closed 1 year ago

mr-ayk commented 2 years ago

Hi. After starting the codedeploy agent and changing the user(non-root), the following error occurred.

2022-09-16 13:10:42 INFO [codedeploy-agent(2591)]: [Aws::CodeDeployCommand::Client 400 0.031464 0 retries] poll_host_command(host_identifier:"arn:aws:ec2:xxxxxxx") Aws::CodeDeployCommand::Errors::AccessDeniedException Aws::CodeDeployCommand::Errors::AccessDeniedException 2022-09-16 13:10:42 ERROR [codedeploy-agent(2591)]: InstanceAgent::Plugins::CodeDeployPlugin::CommandPoller: Cannot reach InstanceService: Aws::CodeDeployCommand::Errors::AccessDeniedException - Aws::CodeDeployCommand::Errors::AccessDeniedException

I read this page(https://github.com/aws/aws-codedeploy-agent/issues/69) and tried service codedeploy-agent restart.But it didn't work out.

I would like to know how to solve it.

OS : Amazon Linux version : 2018.03 installed CodeDeployAgent version : OFFICIAL_1.4.0-2218_rpm ec2

Using Amazon linux2 it worked fine.

My sincere apologies for my poor English/bad grammar. thx.

mr-ayk commented 2 years ago

sorry. This issue has been resolved.

Looking at the codedeploy-agent.aws_wire.log, I found that POST processing of aws-sdk-ruby3 returned status 400. And I found Authorization set to the default credential located at./aws/config. If anyone has the same problem, try changing the default in~/.aws/credential or ~/.aws/config or remove files. thx.