CODEWITHSUNDEEP
amazon-web-servicesaws-pipeline
Venus
Venus

Reputation: 193

CLIENT_ERROR: authorization failed for primary source and source version

I opened a free AWS account to learn and created an Administrator user group and user in IAM for myself.

I am following a tutorial "Automating your API testing with AWS CodeBuild, AWS CodePipeline, and Postman."

I am getting the error CLIENT_ERROR: authorization failed for primary source and source version in the DOWNLOAD_SOURCE phase of the Build transition in CodePipeline.

I followed the directions in an earlier post at AWS CodeBuild failed CLIENT_ERROR: authorization failed for primary source and source version with no success.

I added and attached a policy for connection-permissions in my service role as directed like so:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": "codestar-connections:UseConnection",
            "Resource": "insert connection ARN here"
        }
    ]
}

Later, I changed the Action above to

"codepipeline:GetPipelineState"

I added and attached a policy for GitPull like so:

{
    "Action": [
        "codecommit:GitPull"
    ],
    "Resource": "*",
    "Effect": "Allow"
},

I have disconnected and reconnected my connection to GitHub and also tried creating a new personal access token with no success. I have tried changing my S3 to public and Allow with

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "PublicReadGetObject",
            "Effect": "Allow",
            "Principal": "*",
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::yourbucketname/*"
        }
    ]
}

I also tried updating my node in the source code to 16.18.0.

I am stuck. The resources I have found keep pointing me to the same AWS page I mentioned. I don't know what else to do. I would appreciate any help.

My repo is located at https://github.com/venushofler/my-aws-codepipeline-codebuild-with-postman.git

Pipeline image

CodeBuild image

Upvotes: 1

Views: 1617

Answers (1)

Venus
Venus

Reputation: 193

The answer to the above was to add a default set of access permissions to my users, groups, and roles in my account. I found documentation at https://docs.aws.amazon.com/codebuild/latest/userguide/setting-up.html which in part stated, "To add a default set of CodeBuild access permissions to an IAM group or IAM user, choose Policy Type, AWS Managed, and then do the following:

To add full access permissions to CodeBuild, select the box named AWSCodeBuildAdminAccess, choose Policy Actions, and then choose Attach. "

This worked to allow the Build and Deploy stage to succeed. enter image description here

Upvotes: 2

Related Questions