AWS deployment failed with insufficient permissions: the provided role does not have ElasticBeanstalk:UpdateEnvironments



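So, I'm very new to AWS and have a simple pipeline built with AWS CodeStar: Source -> Application -> Beta. I'm trying to deploy to the Beta site and I get this failure.

I tried following the instructions at http://docs.aws.amazon.com/iam/latest/userguide/id_roles_create_for-service.html and then choosing the service that will assume this role. But that's not what I see. I don't see the ability to select CodePipeline, which I think is the service that needs access to Elastic Beanstalk.

I thought I might have misunderstood which service they were talking about and chose Elastic Beanstalk instead, but that also differs from the instructions.

I tried this page: http://docs.aws.amazon.com/codepipeline/latest/latest/userguide/how-to-custom-role.html#view-view-default-service-nervice-poly-policy-policy-policy-policy-and-comp. How do they create the default AWS CodePipeline service role policy?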

*****************************************************************************

Here is a screenshot of the whole pipeline

Here is the AWSCodeStarServiceRole policy

{
"Version": "2012-10-17",
"Statement": [
    {
        "Sid": "ProjectEventRules",
        "Effect": "Allow",
        "Action": [
            "events:PutTargets",
            "events:RemoveTargets",
            "events:PutRule",
            "events:DeleteRule",
            "events:DescribeRule"
        ],
        "Resource": [
            "arn:aws:events:*:*:rule/awscodestar-*"
        ]
    },
    {
        "Sid": "ProjectStack",
        "Effect": "Allow",
        "Action": [
            "cloudformation:*Stack*",
            "cloudformation:CreateChangeSet",
            "cloudformation:ExecuteChangeSet",
            "cloudformation:DeleteChangeSet",
            "cloudformation:GetTemplate"
        ],
        "Resource": [
            "arn:aws:cloudformation:*:*:stack/awscodestar-*",
            "arn:aws:cloudformation:*:*:stack/awseb-*",
            "arn:aws:cloudformation:*:*:stack/aws-cloud9-*",
            "arn:aws:cloudformation:*:aws:transform/CodeStar*"
        ]
    },
    {
        "Sid": "ProjectStackTemplate",
        "Effect": "Allow",
        "Action": [
            "cloudformation:GetTemplateSummary",
            "cloudformation:DescribeChangeSet"
        ],
        "Resource": "*"
    },
    {
        "Sid": "ProjectQuickstarts",
        "Effect": "Allow",
        "Action": [
            "s3:GetObject"
        ],
        "Resource": [
            "arn:aws:s3:::awscodestar-*/*"
        ]
    },
    {
        "Sid": "ProjectS3Buckets",
        "Effect": "Allow",
        "Action": [
            "s3:*"
        ],
        "Resource": [
            "arn:aws:s3:::aws-codestar-*",
            "arn:aws:s3:::aws-codestar-*/*",
            "arn:aws:s3:::elasticbeanstalk-*",
            "arn:aws:s3:::elasticbeanstalk-*/*"
        ]
    },
    {
        "Sid": "ProjectServices",
        "Effect": "Allow",
        "Action": [
            "codestar:*Project",
            "codestar:*Resource*",
            "codestar:List*",
            "codestar:Describe*",
            "codestar:Get*",
            "codestar:AssociateTeamMember",
            "codecommit:*",
            "codepipeline:*",
            "codedeploy:*",
            "codebuild:*",
            "ec2:RunInstances",
            "autoscaling:*",
            "cloudwatch:Put*",
            "ec2:*",
            "elasticbeanstalk:*",
            "elasticloadbalancing:*",
            "iam:ListRoles",
            "logs:*",
            "sns:*",
            "cloud9:CreateEnvironmentEC2",
            "cloud9:DeleteEnvironment",
            "cloud9:DescribeEnvironment*",
            "cloud9:ListEnvironments"
        ],
        "Resource": "*"
    },
    {
        "Sid": "ProjectWorkerRoles",
        "Effect": "Allow",
        "Action": [
            "iam:AttachRolePolicy",
            "iam:CreateRole",
            "iam:DeleteRole",
            "iam:DeleteRolePolicy",
            "iam:DetachRolePolicy",
            "iam:GetRole",
            "iam:PassRole",
            "iam:PutRolePolicy",
            "iam:SetDefaultPolicyVersion",
            "iam:CreatePolicy",
            "iam:DeletePolicy",
            "iam:AddRoleToInstanceProfile",
            "iam:CreateInstanceProfile",
            "iam:DeleteInstanceProfile",
            "iam:RemoveRoleFromInstanceProfile"
        ],
        "Resource": [
            "arn:aws:iam::*:role/CodeStarWorker*",
            "arn:aws:iam::*:policy/CodeStarWorker*",
            "arn:aws:iam::*:instance-profile/awscodestar-*"
        ]
    },
    {
        "Sid": "ProjectTeamMembers",
        "Effect": "Allow",
        "Action": [
            "iam:AttachUserPolicy",
            "iam:DetachUserPolicy"
        ],
        "Resource": "*",
        "Condition": {
            "ArnEquals": {
                "iam:PolicyArn": [
                    "arn:aws:iam::*:policy/CodeStar_*"
                ]
            }
        }
    },
    {
        "Sid": "ProjectRoles",
        "Effect": "Allow",
        "Action": [
            "iam:CreatePolicy",
            "iam:DeletePolicy",
            "iam:CreatePolicyVersion",
            "iam:DeletePolicyVersion",
            "iam:ListEntitiesForPolicy",
            "iam:ListPolicyVersions"
        ],
        "Resource": [
            "arn:aws:iam::*:policy/CodeStar_*"
        ]
    },
    {
        "Sid": "InspectServiceRole",
        "Effect": "Allow",
        "Action": [
            "iam:ListAttachedRolePolicies"
        ],
        "Resource": [
            "arn:aws:iam::*:role/aws-codestar-service-role",
            "arn:aws:iam::*:role/service-role/aws-codestar-service-role"
        ]
    },
    {
        "Sid": "IAMLinkRole",
        "Effect": "Allow",
        "Action": [
            "iam:CreateServiceLinkedRole"
        ],
        "Resource": "*",
        "Condition": {
            "StringEquals": {
                "iam:AWSServiceName": "cloud9.amazonaws.com"
            }
        }
    }
]

}

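Also, I can't update the role's permissions, because it says it is a role created by Amazon and is read-only.

I'm guessing that what I'm missing is something simple. I'm just missing it!

Thanks in advance!

Tried multiple ways of adjusting settings and permissions. I tried creating a duplicate pipeline, and everything worked on the new pipeline but not on the old one.

So, to fix the problem, I deleted the pipeline saved in CodeStar and created an identical new pipeline. Then I deleted the Continuous Deployment tile in CodeStar and added a new Continuous Deployment tile, selecting the new pipeline I had created.

This solved the problem, and the pipeline works.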

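When you first go to the AWS CodeStar console, you are prompted to create a service role. You should choose Yes. This creates a role named "AWSCodeStarServiceRole".

This role has the permissions you need.

This link will walk you through setting up AWS CodeStar:

Setting Up AWS CodeStar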
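
Whether a policy document grants a given action can be checked offline before changing any roles. The following is an added example, not code from the original posts: it evaluates a trimmed, constructed excerpt of the policy pasted in the question against the action name from the title and reports which statement matches. The account ID, ARNs and function names are assumptions, and permission boundaries, SCPs and resource policies are outside its scope.

```python
import re

# Constructed excerpt: three statements trimmed from the policy in the question.
POLICY = {"Version": "2012-10-17", "Statement": [
    {"Sid": "ProjectServices", "Effect": "Allow", "Resource": "*",
     "Action": ["codepipeline:*", "elasticbeanstalk:*", "iam:ListRoles"]},
    {"Sid": "ProjectWorkerRoles", "Effect": "Allow",
     "Action": ["iam:GetRole", "iam:PassRole"],
     "Resource": ["arn:aws:iam::*:role/CodeStarWorker*"]},
    {"Sid": "ProjectTeamMembers", "Effect": "Allow", "Resource": "*",
     "Action": ["iam:AttachUserPolicy", "iam:DetachUserPolicy"],
     "Condition": {"ArnEquals": {
         "iam:PolicyArn": ["arn:aws:iam::*:policy/CodeStar_*"]}}},
]}

def wildcard_match(pattern, value, ignore_case=False):
    """IAM wildcards: '*' is any run of characters, '?' is exactly one."""
    rx = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
    return re.fullmatch(rx, value, re.I if ignore_case else 0) is not None

def as_list(v):
    """Policy fields may be a single value or a list; normalise to a list."""
    return [v] if isinstance(v, (str, dict)) else list(v)

def evaluate(policy, action, resource):
    """Return (decision, sids) for one action/resource pair in one policy."""
    hits = {}
    for n, st in enumerate(as_list(policy["Statement"])):
        if "Action" not in st or "Resource" not in st:
            continue  # NotAction / NotResource are not handled here
        if not any(wildcard_match(a, action, True) for a in as_list(st["Action"])):
            continue  # action names are case-insensitive
        if not any(wildcard_match(r, resource) for r in as_list(st["Resource"])):
            continue  # ARNs are matched case-sensitively
        key = ("Conditional" if "Condition" in st else "") + st["Effect"]
        hits.setdefault(key, []).append(st.get("Sid", f"statement[{n}]"))
    # An explicit Deny always wins; a conditional match needs request context.
    for decision in ("Deny", "ConditionalDeny", "Allow", "ConditionalAllow"):
        if decision in hits:
            return decision, hits[decision]
    return "ImplicitDeny", []

if __name__ == "__main__":
    # Hypothetical environment ARN and account ID, constructed for the example.
    env = "arn:aws:elasticbeanstalk:us-east-1:111122223333:environment/demo/demo-env"
    print(evaluate(POLICY, "ElasticBeanstalk:UpdateEnvironments", env))
```

Running the same check against the policies attached to the role named in the pipeline's failing action shows whether that role, rather than this one, is missing the permission.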
