If I try to run deployment from a GitHub project to EC2 Instance using AWS CodeDeploy, I get these error messages from /var/log/aws/codedeploy-agent/codedeploy-agent.log
2022-08-01 11:07:25 INFO [codedeploy-agent(3386)]: master 3386: Spawned child 1/1
2022-08-01 11:07:25 INFO [codedeploy-agent(3388)]: On Premises config file does not exist or not readable
2022-08-01 11:07:25 INFO [codedeploy-agent(3388)]: CodeDeploy endpoint: https://codedeploy-commands.us-east-2.amazonaws.com
2022-08-01 11:07:25 INFO [codedeploy-agent(3388)]: InstanceAgent::Plugins::CodeDeployPlugin::CommandExecutor: Archives to retain is: 5}
2022-08-01 11:07:25 INFO [codedeploy-agent(3388)]: CodeDeploy endpoint: https://codedeploy-commands.us-east-2.amazonaws.com
2022-08-01 11:07:25 INFO [codedeploy-agent(3388)]: CodeDeploy endpoint: https://codedeploy-commands.us-east-2.amazonaws.com
2022-08-01 11:07:25 INFO [codedeploy-agent(3388)]: Version file found in /opt/codedeploy-agent/.version with agent version OFFICIAL_1.3.2-1902_deb.
2022-08-01 11:07:25 ERROR [codedeploy-agent(3388)]: InstanceAgent::Plugins::CodeDeployPlugin::CommandPoller: Missing credentials - please check if this instance was started with an IAM instance profile
2022-08-01 11:07:26 INFO [codedeploy-agent(3386)]: Started master 3386 with 1 children
2022-08-01 11:07:36 INFO [codedeploy-agent(3388)]: Version file found in /opt/codedeploy-agent/.version with agent version OFFICIAL_1.3.2-1902_deb.
2022-08-01 11:07:36 ERROR [codedeploy-agent(3388)]: InstanceAgent::Plugins::CodeDeployPlugin::CommandPoller: Missing credentials - please check if this instance was started with an IAM instance profile
2022-08-01 11:07:49 INFO [codedeploy-agent(3388)]: Version file found in /opt/codedeploy-agent/.version with agent version OFFICIAL_1.3.2-1902_deb.
2022-08-01 11:07:49 ERROR [codedeploy-agent(3388)]: InstanceAgent::Plugins::CodeDeployPlugin::CommandPoller: Missing credentials - please check if this instance was started with an IAM instance profile
The EC2 instance has IAM role assigned:
IAM permission policies
IAM Trust Relationships
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "",
"Effect": "Allow",
"Principal": {
"Service": [
"ec2.amazonaws.com",
"codedeploy.amazonaws.com"
]
},
"Action": "sts:AssumeRole"
}
]
}
I tried to reboot the ec2 instance and restart the code-deploy agent by command:
sudo service codedeploy-agent restart
But it didn't help
CodePudding user response:
The IAM role was missing AmazonS3ReadOnlyAccess
permission