Marian Busoi

Reputation: 1087

CodeBuild cannot find the 0.0.0.0/0 destination for the target internet gateway

I've been struggling with this for hours. So, I created my VPC, along with 4 different subnets. The first three are attached to a regular Internet Gateway. The last one is attached to a NAT Gateway (with 0.0.0.0/0 as Destination). My CodeBuild project is set to use this VPC and the last subnet.

When I click "Validate VPC Settings" in the CodeBuild Project Environment, I get this warning:

"The VPC with ID * might not have an internet connection. CodeBuild cannot find the 0.0.0.0/0 destination for the target internet gateway with subnet ID *."

If I try to run the CodeBuild project, it will time out because it has no internet access and cannot download sources from CodeCommit...

What am I missing here? The Routing Table for my subnet is attached to the NAT Gateway and the Destination is 0.0.0.0/0, so the error message above doesn't make any sense to me.

Thank you!

Upvotes: 14

Views: 4823

Answers (3)

DIMKA_4621

Reputation: 51

For those who did not immediately understand: when you create a NAT, you must select a public network from your VPC and then use that NAT on your private network.

And don't forget to grant the necessary permissions for your CodeBuild role. https://docs.aws.amazon.com/codebuild/latest/userguide/auth-and-access-control-iam-identity-based-access-control.html#customer-managed-policies-example-create-vpc-network-interface


Upvotes: 0

Vikash Choudhary

Reputation: 1619

I have faced the same issue and below is the fix that I have applied to make it work:

  1. Yes, even I had mapped the private subnet on NAT Gateway. So, the first correction was to map the public subnet.
  2. Created an "internet gateway" and attached it to the created VPC.
  3. Navigate to the created VPC, and ensured that it has the default main route table mapped.
  4. Click on the default mapped route table, and attach the created "internet gateway" from step 2. Don't map any subnet.
  5. Navigate to the Route table, select the private route table, and map the created NAT Gateway, and private subnet.
  6. Navigate to the Code Build, select the created VPC, private subnet, and security group and finally click on "Validate VPC Setting".

Note: Both route tables must be attached to the same VPC.

Actual output: I got the message "VPC with ID {{vpc-xyz}} has the internet connection".

A reference that has helped to try the above steps: https://aws.amazon.com/premiumsupport/knowledge-center/ec2-internet-connectivity/

I hope this helps.

Upvotes: 2

Marian Busoi

Reputation: 1087

So, in case anyone else has the same issue, the reason was that I mistakenly placed my NAT Gateway on a private subnet instead of a public one.

Upvotes: 25
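The misconfiguration the answers describe can be checked mechanically by following the build subnet's default route to its NAT gateway and then checking the NAT gateway's own subnet. This is an added example, not code from any of the posters; the function names are hypothetical and the data is constructed in the shape of `aws ec2 describe-route-tables` and `aws ec2 describe-nat-gateways` output.

```python
# Constructed sample data shaped like EC2 DescribeRouteTables and
# DescribeNatGateways responses; every ID below is made up.
ROUTE_TABLES = [
    {"RouteTableId": "rtb-public", "VpcId": "vpc-1",
     "Associations": [{"Main": True}, {"SubnetId": "subnet-public"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-1"}]},
    {"RouteTableId": "rtb-private", "VpcId": "vpc-1",
     "Associations": [{"SubnetId": "subnet-private"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-1"}]},
]
NAT_IN_PRIVATE = [{"NatGatewayId": "nat-1", "VpcId": "vpc-1", "SubnetId": "subnet-private"}]
NAT_IN_PUBLIC = [{"NatGatewayId": "nat-1", "VpcId": "vpc-1", "SubnetId": "subnet-public"}]

def table_for(subnet_id, vpc_id, route_tables):
    """Return the explicitly associated route table, else the VPC's main table."""
    main = None
    for rt in route_tables:
        if rt["VpcId"] != vpc_id:
            continue
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return rt
            if assoc.get("Main"):
                main = rt
    return main

def default_target(rt):
    """Return the NAT or internet gateway ID behind 0.0.0.0/0, or None."""
    for route in (rt or {}).get("Routes", []):
        if route.get("DestinationCidrBlock") == "0.0.0.0/0":
            return route.get("NatGatewayId") or route.get("GatewayId")
    return None

def check_build_subnet(subnet_id, vpc_id, route_tables, nat_gateways):
    """Follow build subnet -> NAT gateway -> NAT's subnet -> internet gateway."""
    target = default_target(table_for(subnet_id, vpc_id, route_tables))
    if not target or not target.startswith("nat-"):
        return f"{subnet_id}: default route does not target a NAT gateway ({target})"
    nat = next((n for n in nat_gateways if n["NatGatewayId"] == target), None)
    if nat is None:
        return f"{subnet_id}: default route points at unknown NAT gateway {target}"
    upstream = default_target(table_for(nat["SubnetId"], nat["VpcId"], route_tables))
    if not upstream or not upstream.startswith("igw-"):
        return (f"{target} sits in {nat['SubnetId']}, which has no 0.0.0.0/0 "
                f"route to an internet gateway")
    return "ok"

if __name__ == "__main__":
    print(check_build_subnet("subnet-private", "vpc-1", ROUTE_TABLES, NAT_IN_PRIVATE))
    print(check_build_subnet("subnet-private", "vpc-1", ROUTE_TABLES, NAT_IN_PUBLIC))
```
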
