Reputation: 1034
Problem creating CodePipeline, Deploy stage for AWS SAM application
I have created a working CodePipeline for my AWS SAM application.
It is using only Source and Build phases with the following buildspec.yaml file
version: 0.2
phases:
install:
runtime-versions:
python: 3.7
commands:
- pip install --user aws-sam-cli
- USER_BASE_PATH=$(python -m site --user-base)
- export PATH=$PATH:$USER_BASE_PATH/bin
build:
commands:
- sam build
post_build:
commands:
sam package --s3-bucket deploy-bucket --output-template-file deployment.yaml
# finally:
# sam deploy --template-file deployment.yaml --stack-name MyStackSAM--region us-east-1 --capabilities CAPABILITY_IAM
As you can see I have commented out the last two lines as I want to move that action to a Deploy stage in CodePipeline
My Deploy step looks like this:
My CloudFormationPipelineServiceRole has full admin permission at this point, never the less, I'm still getting the following error as the result of executing this stage.
Action execution failed
Access Denied (Service: Amazon S3; Status Code: 403; Error Code: AccessDenied; Request ID: XXXXFFFFFXXXX; S3 Extended Request ID: XXXXFFFFFXXXXFFFFFXXXXX=)
I am stuck as to why I'm getting this error. Any help would be greatly appreciated.
Upvotes: 0
Views: 464
Answers (1)
Reputation: 14462
First, sam package expects source template file that needs to be passed via --template-file flag. I don't see that template file anywhere in your code. Which template file are you trying to package?
Second, you are not uploading the necessary artifacts to the s3 bucket. The only thing that you are uploading is zipped code but as you can see from the command that you have commented out:
sam deploy --template-file deployment.yaml --stack-name MyStackSAM--region us-east-1 --capabilities CAPABILITY_IAM
you also need this file deployment.yaml but you didn't specify that in your code. There is no way for CodeBuild to guess which artifacts you want to preserve.
You will need to add additional artifacts section to the bottom of your buildspec file and specify those artifacts.
artifacts:
type: zip
files:
- template.yaml # (where do you have this file?)
- outputtemplate.yaml # (deployment.yaml in your case)
Note that the artifacts section needs to be on the same level as version and phases
version: 0.2
phases:
...
artifacts:
...
Upvotes: 2
Related Questions
- CodePipeline Deployment error "Invalid argument @ rb_sysopen - C:\ProgramData/Amazon/CodeDeploy/xxxxxxxx/xxxxxx/deployment-archive\*.*"
- How do you use sam to run a cdk application that uses codepipeline to deploy?
- How to work with codepipeline in SAM project?
- AWS CodePipeline deploy failed
- CodePipeline Deploying SAM Template Error With Added Action
- AWS CodePipeline CodeBuild SAM Lambda
- AWS CodePipeline Action execution failed
- AWS Cloudformation / Codepipeline Parameters: [ProjectId] must have values
- CodePipeline unable to locate SAM template yaml file
- CloudFormation to setup CodePipeline/CodeBuild to deploy SAM application