Closed danfraticiu closed 2 months ago
Turned out this had nothing to do with sam
there was a new policy added to the account that was not aware of, the policy denied all actions where MFA was not present.
Comments on closed issues are hard for our team to see. If you need more assistance, please either tag a team member or open a new issue that references this one. If you wish to keep having a conversation with other community members under this issue feel free to do so.
Description:
sam deploy
stopped working for all users on my organization's account, with the error messageError: Failed to create changeset for the stack: hello-world-node, An error occurred (ValidationError) when calling the CreateChangeSet operation: S3 error: Access Denied
This issue was observed only a day ago, don't know who longs it started happening.
Steps to reproduce:
Running any
sam deploy
command that was previously working yields same error, tested with different users. Was able to reproduce the issue when trying to deploy a brand new applications (using this the sample project fromgit@github.com:serverless-projects/aws-sam-examples.git
(namely thesamples_1/hello-world/node
).All users have the
arn:aws:iam::aws:policy/AmazonS3FullAccess
policy.Also worth nothing the
.template
files is uploaded to S3 successfully and AFAICTCreateChangeSet
does not produce S3 objects, so I have no idea why it would result in this error.Observed result:
Expected result:
A succesfull deploy.
Additional environment details (Ex: Windows, Mac, Amazon Linux etc)
sam --version
: 1.123.0