我在项目文件夹中运行jhipster aws,然后回答提示。
C:\AWSworkspace\jhaws>jhipster aws
INFO! Using JHipster version installed locally in current project's node_modules
INFO! Executing jhipster:aws
INFO! Options: from-cli: true
? Application name: jhaws
? Environment name: jhaws-env
? Name of S3 bucket: jhaws
? Database name: jhaws
? Database username: jhawsadmin
? Database password: [hidden]
? On which EC2 instance type do you want to deploy? t2.micro
? On which RDS instance class do you want to deploy? db.t2.micro
? On which region do you want to deploy? us-east-1
Building application
这将创建S3存储桶,上传jar,创建数据库并启动数据库,但是当到达Verifying ElasticBeanstalk Roles时,我得到消息:
Verifying ElasticBeanstalk Roles
Error: User: arn:aws:iam::173874802293:user/progaccess is not authorized to perform: iam:GetInstanceProfile on resource: instance profile aws-elasticbeanstalk-ec2-role
at Environment.error (C:\AWSworkspace\jhaws\node_modules\yeoman-environment\lib\environment.js:176:40)
at module.exports.error (C:\AWSworkspace\jhaws\node_modules\generator-jhipster\generators\generator-base.js:1448:18)
at iam.verifyRoles.err (C:\AWSworkspace\jhaws\node_modules\generator-jhipster\generators\aws\index.js:228:30)
at hasInstanceRole.then.then.then.then.then.then.catch.err (C:\AWSworkspace\jhaws\node_modules\generator-jhipster\generators\aws\lib\iam.js:214:13)
at process._tickCallback (internal/process/next_tick.js:68:7)
用户progaccess从progaccess组获得权限。这些是权限:
AWSCodeCommitFullAccess
IAMSelfManageServiceSpecificCredentials
AWSElasticBeanstalkWebTier
AWSElasticBeanstalkFullAccess
AWSElasticBeanstalkMulticontainerDocker
AmazonRDSDataFullAccess
AWSElasticBeanstalkWorkerTier
我添加了为aws-elasticbeanstalk-ec2-role角色列出的权限,所以我不知道缺少哪些权限。谢谢。
答案 0 :(得分:1)
您需要为用户添加权限IAM:GetInstanceProfile。记录在案的AWSElasticBeanstalkFullAccess策略还不够
答案 1 :(得分:0)
您需要将策略IAMReadOnlyAccess附加到组,因为它包含权限 IAM:GetInstanceProfile 。