I want to use bitbucket as source,
I have the permission error like this below.
I guess I should give the permission to AWSCloudFormation role, however how can I do it?
User: arn:aws:sts::678100228133:assumed-role/cdk-hnb659fds-cfn-exec-role-678100228133-us-west-2/AWSCloudFormation is not authorized to perform: codestar-connections:Pas
sConnection on resource: ari:cloud:bitbucket::app/{67a68345-bf8e-49c5-8eca-833727e2d892}/aws-codestar (Service: AWSCodePipeline; Status Code: 400; Error Code: AccessDen
iedException; Request ID: 0d152b96-e756-4821-9ad1-7551cb9e8bf7; Proxy: null)
My cdk code is like this, ari:cloud:bitbucket::app/{67a68345-bf8e-49c5-8eca-833727e2d892}/aws-codestar is already set manually.
const bitbucketSourceOutput = new cdk.aws_codepipeline.Artifact();
const bitbucketSourceAction = new cdk.aws_codepipeline_actions.CodeStarConnectionsSourceAction({
actionName: `ss-${targetEnv}-ecs-bitbucket-build`,
owner: 'aws',
repo: 'myname/testrepo',
output: bitbucketSourceOutput,
connectionArn: 'ari:cloud:bitbucket::app/{67a68345-bf8e-49c5-8eca-833727e2d892}/aws-codestar',
});
CodePudding user response:
ari:cloud:bitbucket::app/{67a68345-bf8e-49c5-8eca-833727e2d892}/aws-codestar
is not a valid CodeStar connection ARN. A codestar connection ARN looks like this: arn:aws:codestar-connections:eu-west-1:123456789012:connection/991f-27e07658dd59-344e-44d2-adea40dd
You need to create a CodeStar connection in the AWS console and use its ARN in your pipeline.