Question

尝试在我的EC2实例上安装AWS CodeDeploy代理

aws s3 cp s3://aws-codedeploy-ap-southeast-2/latest/install . --region ap-southeast-2
fatal error: An error occurred (403) when calling the HeadObject operation: Forbidden

实例的IAM角色具有策略文档

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Action": [
                "s3:Get*",
                "s3:List*"
            ],
            "Effect": "Allow",
            "Resource": "*"
        }
    ]
}

和信任关系

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "",
      "Effect": "Allow",
      "Principal": {
        "Service": "codedeploy.ap-southeast-2.amazonaws.com"
      },
      "Action": "sts:AssumeRole"
    }
  ]
}

Answer 1

我遵循了指南 http://docs.aws.amazon.com/codedeploy/latest/userguide/codedeploy-agent-operations-install-linux.html

我还将AdministratorGroup Policy附加到我的用户。

Code Deploy代理现在在我的框中运行。

Answer 2

该命令不正确。 cp用于将内容上传到S3，下载您可以使用的文件curl或wget：

curl -O https://aws-codedeploy-ap-southeast-2.s3.amazonaws.com/latest/install

或

wget https://aws-codedeploy-ap-southeast-2.s3.amazonaws.com/latest/install

aws s3命令以403禁止响应

2 个答案: