我在codebuild上运行cdk合成器时遇到问题,它只是说:You are not authorized to perform this operation.
这是一个CDK应用程序,它使用@aws-cdk/app-delivery依赖项来配置CI / CD管道,以配置某些基础结构。我正在使用的代码构建映像为:aws/codebuild/nodejs:10.1.0
buildspec.yml是app-delivery在其自述文件中共享的标准文件,只需添加--loglevel verbose即可更好地了解正在发生的事情
phases:
install:
commands:
# Installs the npm dependencies as defined by the `package.json` file
# present in the root directory of the package
# (`cdk init app --language=typescript` would have created one for you)
- npm install
build:
commands:
# Builds the CDK App so it can be synthesized
- npm run build
# Synthesizes the CDK App and puts the resulting artifacts into `dist`
- npm run cdk synth --loglevel verbose -- -o dist
artifacts:
# The output artifact is all the files in the `dist` directory
base-directory: dist
files: '**/*'
这是代码构建日志:
[Container] 2019/06/06 19:20:11 Running command npm run cdk synth --loglevel verbose -- -o dist
npm info it worked if it ends with ok
npm verb cli [ '/usr/local/bin/node',
npm verb cli '/usr/local/bin/npm',
npm verb cli 'run',
npm verb cli 'cdk',
npm verb cli 'synth',
npm verb cli '--loglevel',
npm verb cli 'verbose',
npm verb cli '--',
npm verb cli '-o',
npm verb cli 'dist' ]
npm info using npm@5.6.0
npm info using node@v10.1.0
npm verb run-script [ 'precdk', 'cdk', 'postcdk' ]
npm info lifecycle dvi-infrastructure-cdk@0.1.0~precdk: dvi-infrastructure-cdk@0.1.0
npm info lifecycle dvi-infrastructure-cdk@0.1.0~cdk: dvi-infrastructure-cdk@0.1.0
> dvi-infrastructure-cdk@0.1.0 cdk /codebuild/output/src891487954/src
> cdk "synth" "-o" "dist"
You are not authorized to perform this operation.
npm verb lifecycle dvi-infrastructure-cdk@0.1.0~cdk: unsafe-perm in lifecycle true
npm verb lifecycle dvi-infrastructure-cdk@0.1.0~cdk: PATH: /usr/local/lib/node_modules/npm/node_modules/npm-lifecycle/node-gyp-bin:/codebuild/output/src891487954/src/node_modules/.bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
npm verb lifecycle dvi-infrastructure-cdk@0.1.0~cdk: CWD: /codebuild/output/src891487954/src
npm info lifecycle dvi-infrastructure-cdk@0.1.0~cdk: Failed to exec cdk script
npm verb stack Error: dvi-infrastructure-cdk@0.1.0 cdk: `cdk "synth" "-o" "dist"`
npm verb stack Exit status 1
npm verb stack at EventEmitter.<anonymous> (/usr/local/lib/node_modules/npm/node_modules/npm-lifecycle/index.js:285:16)
npm verb stack at EventEmitter.emit (events.js:182:13)
npm verb stack at ChildProcess.<anonymous> (/usr/local/lib/node_modules/npm/node_modules/npm-lifecycle/lib/spawn.js:55:14)
npm verb stack at ChildProcess.emit (events.js:182:13)
npm verb stack at maybeClose (internal/child_process.js:957:16)
npm verb stack at Process.ChildProcess._handle.onexit (internal/child_process.js:246:5)
npm verb pkgid dvi-infrastructure-cdk@0.1.0
npm verb cwd /codebuild/output/src891487954/src
npm verb Linux 4.14.114-83.126.amzn1.x86_64
npm verb argv "/usr/local/bin/node" "/usr/local/bin/npm" "run" "cdk" "synth" "--loglevel" "verbose" "--" "-o" "dist"
npm verb node v10.1.0
npm verb npm v5.6.0
npm ERR! code ELIFECYCLE
npm ERR! errno 1
npm ERR! dvi-infrastructure-cdk@0.1.0 cdk: `cdk "synth" "-o" "dist"`
npm ERR! Exit status 1
npm ERR!
npm ERR! Failed at the dvi-infrastructure-cdk@0.1.0 cdk script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.
npm verb exit [ 1, true ]
npm ERR! A complete log of this run can be found in:
npm ERR! /root/.npm/_logs/2019-06-06T19_20_13_082Z-debug.log
[Container] 2019/06/06 19:20:13 Command did not exit successfully npm run cdk synth --loglevel verbose -- -o dist exit status 1
[Container] 2019/06/06 19:20:13 Phase complete: BUILD State: FAILED
[Container] 2019/06/06 19:20:13 Phase context status code: COMMAND_EXECUTION_ERROR Message: Error while executing command: npm run cdk synth --loglevel verbose -- -o dist. Reason: exit status 1
答案 0 :(得分:1)
通过在npm run cdk synth -- -v -o dist中运行buildspec.yml命令,我能够检查出哪个错误。这样我得到了以下错误:
Some context information is missing. Fetching...
Reading AZs for 244496089465:us-west-2
Using default AWS SDK credentials for account 244496089465
You are not authorized to perform this operation.
UnauthorizedOperation: You are not authorized to perform this operation.
at Request.extractError (/codebuild/output/src133069252/src/node_modules/aws-sdk/lib/services/ec2.js:50:35)
at Request.callListeners (/codebuild/output/src133069252/src/node_modules/aws-sdk/lib/sequential_executor.js:106:20)
at Request.emit (/codebuild/output/src133069252/src/node_modules/aws-sdk/lib/sequential_executor.js:78:10)
at Request.emit (/codebuild/output/src133069252/src/node_modules/aws-sdk/lib/request.js:683:14)
at Request.transition (/codebuild/output/src133069252/src/node_modules/aws-sdk/lib/request.js:22:10)
at AcceptorStateMachine.runTo (/codebuild/output/src133069252/src/node_modules/aws-sdk/lib/state_machine.js:14:12)
at /codebuild/output/src133069252/src/node_modules/aws-sdk/lib/state_machine.js:26:10
at Request.<anonymous> (/codebuild/output/src133069252/src/node_modules/aws-sdk/lib/request.js:38:9)
at Request.<anonymous> (/codebuild/output/src133069252/src/node_modules/aws-sdk/lib/request.js:685:12)
at Request.callListeners (/codebuild/output/src133069252/src/node_modules/aws-sdk/lib/sequential_executor.js:116:18)
因此,通过将以下权限ec2:DescribeAvailabilityZones添加到codebuild角色中,解决了我的问题