ACCESS_DENIED:服务角色arn:aws:iam::749760571158:role/CodeBuild -hu-cb-crm-poc- Service -role不允许aws CodeBuild为构建创建Amazon CloudWatch日志日志流arn:aws: CodeBuild:ap-南方:749760571158:build/hu- moxe -crm-cb:7af26655-bea9-41b8-94c9-38b1c7a68d1e。错误信息:User: arn:aws:sts::749760571158: asamed -role/codebuild-hu-cb-crm-poc-service-role/AWSCodeBuild-7af26655-bea9-41b8-94c9-38b1c7a68d1e未被授权执行:logs: CreateLogStream on resource: arn:aws:logs:ap-南方:749760571158:log-group:/aws/codebuild/hu-moxie-crm-cb:log-stream:7af26655-bea9-41b8-94c9-38b1c7a68d1e,因为没有基于身份的策略允许日志:CreateLogStream动作
我已经设置了我的管道,一切都在运行,甚至网站正在打开,但我仍然得到这个构建错误
我给了所有需要的策略,但它仍然不起作用
错误信息告诉你该怎么做。
您需要允许logs:CreateLogStream对codebuild-hu-cb-crm-poc-service-role角色进行操作。
将此策略附加到角色。
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents",
"logs:DescribeLogStreams"
],
"Resource": [
"*"
]
}
]
}