5

I have a PipeLine for Lambda (NodeJS) Auto Deploy from CodeCommit.

My buildspec.yml

version: 0.1
phases:
 install:
  commands:
    - npm install
    - aws cloudformation package --template-file samTemplate.yaml --s3-bucket codepipeline-551 --output-template-file outputSamTemplate.yaml
artifacts:
  type: zip
  files:
    - samTemplate.yaml
    - outputSamTemplate.yaml

My samTemplate.yaml

AWSTemplateFormatVersion: '2010-09-09'
Transform: 'AWS::Serverless-2016-10-31'
Description: An AWS Serverless Specification template describing your function.
Resources:
  KashIoTLambda:
    Type: 'AWS::Serverless::Function'
    Properties:
      Handler: lambda.handler
      Runtime: nodejs8.10
      CodeUri: ./
      Description: ''
      MemorySize: 128
      Timeout: 3
      Role: 'arn:aws:iam::1234:role/abc-backend'
      Events:
        Api1:
          Type: Api
          Properties:
            Path: '/{proxy+}'
            Method: OPTIONS
        Api2:
          Type: Api
          Properties:
            Path: /MyResource
            Method: ANY
      Environment:
        Variables:
          REGION: ap-south-1

The policy attached to the role mentioned for CodeBuild gives access to All Resources & All S3 commands.

However, I have the following error from build logs

[Container] 2019/01/03 13:25:39 Running command npm install
added 122 packages in 3.498s
 [Container] 2019/01/03 13:25:44 Running command aws cloudformation package --template-file samTemplate.yaml --s3-bucket codepipeline-551 --output-template-file outputSamTemplate.yaml
 Unable to upload artifact ./ referenced by CodeUri parameter of ABCLambda resource.
An error occurred (AccessDenied) when calling the PutObject operation: Access Denied
 [Container] 2019/01/03 13:25:46 Command did not exit successfully aws cloudformation package --template-file samTemplate.yaml --s3-bucket codepipeline-551 --output-template-file outputSamTemplate.yaml exit status 255
[Container] 2019/01/03 13:25:46 Phase complete: INSTALL Success: false
[Container] 2019/01/03 13:25:46 Phase context status code: COMMAND_EXECUTION_ERROR Message: Error while executing command: aws cloudformation package --template-file samTemplate.yaml --s3-bucket codepipeline-551 --output-template-file outputSamTemplate.yaml. Reason: exit status 255
Improve this question
8
  • did you use sam package command first sam package \ --template-file template.yaml \ --output-template-file packaged.yaml \ --s3-bucket REPLACE_THIS_WITH_YOUR_S3_BUCKET_NAME Commented Jan 3, 2019 at 15:33
  • github.com/varnitgoyal95/IT-Academy-/tree/master/lambda/… refer to readme file Commented Jan 3, 2019 at 15:35
  • @varnit as you can see from the logs, the command executed is aws cloudformation package --template-file samTemplate.yaml --s3-bucket codepipeline-551 --output-template-file outputSamTemplate.yaml Commented Jan 3, 2019 at 17:09
  • its has nothing to do with codebuild you must have some user set in ~/.awsconfig/credential file and that user must have permission to access your s3 bucket so before you call cloud formation package command you need to place this file in your enviroment with suitable aws credentials Commented Jan 3, 2019 at 17:24
  • docs.aws.amazon.com/cli/latest/topic/config-vars.html Commented Jan 3, 2019 at 17:25

1 Answer 1

Reset to default
2

Check the policies/permissions on the bucket itself.

S3 Bucket Policy

If you were like me, you may have selected the default location option as the artifact store in the pipeline settings when you first set it up. In which case, there may be policies on the S3 bucket itself blocking access.

AWS Pipeline Settings

For me, once I removed the bucket policy the unable to upload artifact error was resolved and my build process went on to complete successfully.

I hope this helps you.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.