我按照https://www.spinnaker.io/setup/providers/aws/
和启动大三角帆中提到的进行了配置,并在clouddriver.logs中不断收到此错误
Caused by: com.amazonaws.services.ec2.model.AmazonEC2Exception: You are not authorized to perform this operation. (Service: AmazonEC2; Status Code: 403; Error Code: UnauthorizedOperation; Request ID: fb3144e7-7105-44e1-917c-60c6de551d83)
我的安装环境是 AWS ec2 环境,此实例具有角色BaseIAMRole
,并已向其附加SpinnakerAssumeRolePolicy
和PowerUserAccess
。
我在我的clouddriver.yml中配置了管理帐户和管理帐户,如下所示:
aws:
enabled: true
accounts:
- name: '07xxxx...'
# requiredGroupMembership: []
accountId: '07xxxx...'
regions: []
assumeRole: role/spinnakerManaged
- name: '19xxxx...'
# requiredGroupMembership: []
accountId: '19xxxx...'
regions: []
assumeRole: role/spinnakerManaged
primaryAccount: '07xxxx...'
defaultKeyPairTemplate: '{{name}}-keypair'
defaultRegions:
- name: ap-southeast-2
defaultAssumeRole: role/spinnakerManaged
defaults:
iamRole: BaseIAMRole
我拥有管理帐户和管理帐户的管理员访问权限...
任何帮助将不胜感激
IT 似乎缺少必须附加和设置的 AWS IAM 策略,以便管理角色和托管角色设置生效。 请参阅文档:军械库 AWS IAM 设置