Amazon web services AWS eb创建失败-用户无权执行:自动缩放
我正在使用aws部署我的项目。我已经安装了eb cli,在运行eb create并为选项选择默认值时,项目将上载到S3:Amazon web services AWS eb创建失败-用户无权执行:自动缩放,amazon-web-services,amazon-ec2,amazon-elastic-beanstalk,amazon-iam,Amazon Web Services,Amazon Ec2,Amazon Elastic Beanstalk,Amazon Iam,我正在使用aws部署我的项目。我已经安装了eb cli,在运行eb create并为选项选择默认值时,项目将上载到S3: Uploading udagram-myuser-dev/app-200712_154053.zip to S3. This may take a while. Upload Complete. Environment details for: udagram-myuser-dev-dev4 Application name: udagram-myuser-dev R
Uploading udagram-myuser-dev/app-200712_154053.zip to S3. This may take a while.
Upload Complete.
Environment details for: udagram-myuser-dev-dev4
Application name: udagram-myuser-dev
Region: us-east-1
Deployed Version: app-200712_154053
Environment ID: e-kjqwp5hmec
Platform: arn:aws:elasticbeanstalk:us-east-1::platform/Node.js 12 running on 64bit Amazon Linux 2/5.1.0
Tier: WebServer-Standard-1.0
CNAME: udagram-myuser-dev-dev4.us-east-1.elasticbeanstalk.com
Updated: 2020-07-12 13:40:59.026000+00:00
但是,我有错误:
Printing Status:
2020-07-12 13:40:57 INFO createEnvironment is starting.
2020-07-12 13:40:59 INFO Using elasticbeanstalk-us-east-1-087232098494 as Amazon S3 storage bucket for environment data.
2020-07-12 13:41:19 INFO Created target group named: arn:aws:elasticloadbalancing:us-east-1:087232098494:targetgroup/awseb-AWSEB-5K4TX808XT7/debd1eceb7173e02
2020-07-12 13:41:19 INFO Created security group named: sg-02b8b3f3c5a3f0980
2020-07-12 13:41:35 INFO Created security group named: awseb-e-kjqwp5hmec-stack-AWSEBSecurityGroup-DR1EWHJA2HMS
2020-07-12 13:41:50 ERROR Stack named 'awseb-e-kjqwp5hmec-stack' aborted operation. Current state: 'CREATE_FAILED' Reason: The following resource(s) failed to create: [AWSEBV2LoadBalancer, AWSEBAutoScalingGroup].
2020-07-12 13:41:50 ERROR Creating Auto Scaling group failed Reason: API: autoscaling:CreateAutoScalingGroup User: arn:aws:iam::087232098494:user/udagram-myuser-dev is not authorized to perform: autoscaling:CreateAutoScalingGroup on resource: arn:aws:autoscaling:us-east-1:087232098494:autoScalingGroup:*:autoScalingGroupName/awseb-e-kjqwp5hmec-stack-AWSEBAutoScalingGroup-1D5XFNTTBU9AM with an explicit deny
2020-07-12 13:41:50 ERROR Creating load balancer named: arn:aws:elasticloadbalancing:us-east-1:087232098494:loadbalancer/app/awseb-AWSEB-2RDS14S53WYD/615ad3ef19b80f90 failed Reason: Resource creation cancelled
2020-07-12 13:41:52 INFO Launched environment: udagram-myuser-dev-dev4. However, there were issues during launch. See event log for details.
ERROR: ServiceError - Launched environment: udagram-myuser-dev-dev4. However, there were issues during launch. See event log for details.
我不知道为什么会出现此错误,因为myuser已将AWSElasticBeanstalkFullAccess
作为策略附加到IAM中的权限中。
运行eb status时——详细,我得到:
INFO: Traceback (most recent call last):
File "/Users/myuser/.ebcli-virtual-env/lib/python3.7/site-packages/ebcli/lib/aws.py", line 212, in make_api_call
response_data = operation(**operation_options)
File "/Users/myuser/.ebcli-virtual-env/lib/python3.7/site-packages/botocore/client.py", line 316, in _api_call
return self._make_api_call(operation_name, kwargs)
File "/Users/myuser/.ebcli-virtual-env/lib/python3.7/site-packages/botocore/client.py", line 626, in _make_api_call
raise error_class(parsed_response, operation_name)
botocore.errorfactory.LoadBalancerNotFoundException: An error occurred (LoadBalancerNotFound) when calling the DescribeTargetGroups operation: Load balancer 'arn:aws:elasticloadbalancing:us-east-1:087232098494:loadbalancer/app/awseb-AWSEB-ULG8J44BG8P3/8d3169781c72a079' not found
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/Users/myuser/.ebcli-virtual-env/lib/python3.7/site-packages/ebcli/lib/elbv2.py", line 62, in get_target_groups_for_load_balancer
LoadBalancerArn=load_balancer_arn
File "/Users/myuser/.ebcli-virtual-env/lib/python3.7/site-packages/ebcli/lib/elbv2.py", line 24, in _make_api_call
return aws.make_api_call('elbv2', operation_name, **operation_options)
File "/Users/myuser/.ebcli-virtual-env/lib/python3.7/site-packages/ebcli/lib/aws.py", line 221, in make_api_call
_handle_response_code(e.response, attempt, aggregated_error_message)
File "/Users/myuser/.ebcli-virtual-env/lib/python3.7/site-packages/ebcli/lib/aws.py", line 275, in _handle_response_code
raise error
ebcli.objects.exceptions.ServiceError: Load balancer 'arn:aws:elasticloadbalancing:us-east-1:087232098494:loadbalancer/app/awseb-AWSEB-ULG8J44BG8P3/8d3169781c72a079' not found
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/Users/myuser/.ebcli-virtual-env/lib/python3.7/site-packages/ebcli/core/ebrun.py", line 62, in run_app
app.run()
File "/Users/myuser/.ebcli-virtual-env/lib/python3.7/site-packages/cement/core/foundation.py", line 797, in run
return_val = self.controller._dispatch()
File "/Users/myuser/.ebcli-virtual-env/lib/python3.7/site-packages/cement/core/controller.py", line 472, in _dispatch
return func()
File "/Users/myuser/.ebcli-virtual-env/lib/python3.7/site-packages/cement/core/controller.py", line 478, in _dispatch
return func()
File "/Users/myuser/.ebcli-virtual-env/lib/python3.7/site-packages/ebcli/core/abstractcontroller.py", line 92, in default
self.do_command()
File "/Users/myuser/.ebcli-virtual-env/lib/python3.7/site-packages/ebcli/controllers/status.py", line 30, in do_command
statusops.status(app_name, env_name, verbose)
File "/Users/myuser/.ebcli-virtual-env/lib/python3.7/site-packages/ebcli/operations/statusops.py", line 130, in status
_print_information_about_elb_and_instances(env_name) if verbose else None
File "/Users/myuser/.ebcli-virtual-env/lib/python3.7/site-packages/ebcli/operations/statusops.py", line 190, in _print_information_about_elb_and_instances
_print_elbv2_health_stats(load_balancer_name, instances)
File "/Users/myuser/.ebcli-virtual-env/lib/python3.7/site-packages/ebcli/operations/statusops.py", line 197, in _print_elbv2_health_stats
in elbv2.get_target_groups_for_load_balancer(load_balancer_name)
File "/Users/myuser/.ebcli-virtual-env/lib/python3.7/site-packages/ebcli/lib/elbv2.py", line 65, in get_target_groups_for_load_balancer
raise NotFoundError(e)
ebcli.objects.exceptions.NotFoundError: Load balancer 'arn:aws:elasticloadbalancing:us-east-1:087232098494:loadbalancer/app/awseb-AWSEB-ULG8J44BG8P3/8d3169781c72a079' not found
我有以下AWS管理的默认策略:管理员访问、AWSElasticBeanstalkFullAccess和IAMUserChangePassword,以及附加的自定义组策略:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"s3:GetAccessPoint",
"s3:PutAccountPublicAccessBlock",
"s3:GetAccountPublicAccessBlock",
"s3:ListAllMyBuckets",
"s3:ListAccessPoints",
"s3:ListJobs",
"s3:CreateJob",
"s3:HeadBucket"
],
"Resource": "*"
},
{
"Sid": "VisualEditor1",
"Effect": "Allow",
"Action": "s3:*",
"Resource": [
"arn:aws:s3:::udagram-myuser-dev/*",
"arn:aws:s3:::udagram-myuser-dev"
]
}
]
}
我需要做什么才能成功部署到aws?编辑
帐户是课程的一部分,可能的原因是服务控制策略拒绝访问特定服务
原创
错误消息表示已明确拒绝用户执行此操作的访问权限
is not authorized to perform: autoscaling:CreateAutoScalingGroup on resource: with an explicit deny
您需要查看附加的其他策略,并删除显式阻止访问的拒绝声明
使用AWS权限,即使添加了allow语句,添加deny语句也将始终超越权限
有关策略评估的更多信息,请查看该页面。除此策略外,您是否附加了其他策略,这似乎表明存在明确的拒绝。我已使用附加到我的用户的所有策略更新了问题您的用户是否有权限边界,或者您的帐户上有服务控制策略吗?我没有设置权限边界,我不确定在哪里检查服务控制策略如果您的帐户在主帐户内的组织中,我的帐户在vocareum内,我正在通过它们学习课程