AWS Codepipeline wizard "Could not create IAM role"

Question

I'm trying to set up a pipeline this AWS tutorial (here). Everything was going well until I got to the end of step 5. The error message I'm getting is simple "could not create IAM role", but the role was successfully created when I checked it in the IAM console.

I've canceled the wizard and tried it again a few times, even leaving it overnight in case something was stuck in the cache, but its still returning the same error message.

Has anybody else come up against this?

Answer 1

If you create a pipeline with Cloudwatch events as an option to automatically start the Pipeline (you pick this option during source step) then code pipeline tries to create Cloud watch event and rule along with corresponding Role and Policy.

It's not possible to manually create that Cloudwatch service role and assign during the code pipeline as it happens in the background and there is no option to customize this step.

This is the step which results in "Could not create IAM role " error (If user creating pipeline does not have the permission to create IAM roles).

Solution: Choose AWS Codecommit periodic checks as an option to automate the pipeline, then you will not face this issue.

Answer 2

Same problem for me. And there too : https://forums.aws.amazon.com/thread.jspa?threadID=265725&tstart=0 This problem seems to vanish when you have got all rights. ... ...

I tracked this error and found that in my specific case, it comes the fact that I missed some user right like DeletePolicyVersion for example. I needed it to be able to make a CodePipeline from the Console.

Yet, building a pipeline through CloudFormation (yaml file deployed with CLI) works just fine without more user right.