当cloudformation正在构建堆栈时,我收到以下错误:
AWS :: AutoScaling :: LaunchConfiguration N1ClusterServerLaunchConfig您无权执行此操作
我拥有管理员完全访问权限。但是,这仍然失败了。是否由模板内定义的IAM授权?
"N1ClusterServerAutoScale": {
"Type": "AWS::AutoScaling::AutoScalingGroup",
"Properties": {
"AvailabilityZones": {
"Fn::GetAZs": ""
},
"LaunchConfigurationName": {
"Ref": "N1ClusterServerLaunchConfig"
},
"MinSize": "2",
"MaxSize": "64",
"DesiredCapacity": {
"Ref": "ClusterSize"
},
"Tags": [
{
"Key": "Name",
"Value": {
"Ref": "AWS::StackName"
},
"PropagateAtLaunch": true
}
]
},
"Metadata": {
"AWS::CloudFormation::Designer": {
"id": "a715af00-ebba-4fab-a817-d5ee1986dfe7"
}
}
},
"N1ClusterServerLaunchConfig": {
"Type": "AWS::AutoScaling::LaunchConfiguration",
"Properties": {
"ImageId": {
"Fn::FindInMap": [
"RegionMap",
{
"Ref": "AWS::Region"
},
"hvm"
]
},
"InstanceType": {
"Ref": "InstanceType"
},
"KeyName": {
"Ref": "KeyPair"
},
"SecurityGroups": [
{
"Ref": "N1ClusterSecurityGroup"
},
{
"Ref": "N1NodeSecurityGroup"
}
],
"IamInstanceProfile": {
"Ref": "IamInstanceProfile"
},
IAM
"AllowComputeFrom": {
"Description": "The net block (CIDR) that N1-COMPUTE is available to.",
"Default": "0.0.0.0/0",
"Type": "String"
},
"IamInstanceProfile": {
"Description": "The name of an IAM Profile which can access required S3 buckets and instances.",
"Default": "arn:aws:iam::247256189695:instance-profile/n1-compute-instance",
"Type": "String"
},
"IamInstanceProfileShort": {
"Description": "The last part of the name of an IAM Profile which can create instances.",
"Default": "n1-compute-instance",
"Type": "String"
},
答案 0 :(得分:0)
ec2:RunInstances 需要使用 Launch 模板