Reputation: 471
Can someone please help me figure out why my CodeBuild is failing? I am getting the following error in the log:
[Container] 2021/03/29 23:13:38 Command did not exit successfully aws s3 cp --recursive --acl public-read ./build s3://cloud-nova-s3-dev02/public/ exit status 1
[Container] 2021/03/29 23:13:38 Phase complete: POST_BUILD State: FAILED
[Container] 2021/03/29 23:13:38 Phase context status code: COMMAND_EXECUTION_ERROR Message: Error while executing command: aws s3 cp --recursive --acl public-read ./build s3://cloud-nova-s3-dev02/public/. Reason: exit status 1
[Container] 2021/03/29 23:13:38 Expanding base directory path: build
[Container] 2021/03/29 23:13:38 Assembling file list
[Container] 2021/03/29 23:13:38 Expanding build
[Container] 2021/03/29 23:13:38 Expanding file paths for base directory build
[Container] 2021/03/29 23:13:38 Assembling file list
[Container] 2021/03/29 23:13:38 Expanding **/*
[Container] 2021/03/29 23:13:38 Found 19 file(s)
[Container] 2021/03/29 23:13:38 Phase complete: UPLOAD_ARTIFACTS State: SUCCEEDED
[Container] 2021/03/29 23:13:38 Phase context status code: Message:
This is what my S3 bucket policy looks like:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "PublicReadGetObject",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": [
"arn:aws:s3:::cloud-nova-s3-dev02/*",
"arn:aws:s3:::cloud-nova-s3-dev02"
]
}
]
}
Here's an example of my buildspec.yml file:
version: 0.1
phases:
pre_build:
commands:
- echo Installing source NPM dependencies...
- npm install
build:
commands:
- echo Build started on `date`
- npm run build
post_build:
commands:
# copy the contents of /build to S3
- aws s3 cp --recursive --acl public-read ./build s3://cloud-nova-s3-dev02/public/
artifacts:
files:
- '**/*'
base-directory: build
Upvotes: 3
Views: 2303
Reputation: 239000
Your bucket policy allows only for s3:GetObject
, which is for downloading objects from it. However, in your CodeBuild (CB), you are trying to upload the objects to it. So this fails.
To rectify the issue, you can add inline policy to your CB execution role which allows CB to upload objects. For example,
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": "s3:PutObject",
"Resource": "arn:aws:s3:::cloud-nova-s3-dev02/*"
}
]
}
Upvotes: 4