此 Auto Scaling 组的服务相关角色尚未准备好使用
The Service-Linked Role for this Auto Scaling group is not yet ready for use
我正在创建 AWS CloudFormation 模板以将 lambda 函数添加为生命周期挂钩。但是 CloudFormation 模板部署失败并显示以下消息:
The Service-Linked Role for this Auto Scaling group is not yet ready for use.
CF模板是用YAML写的,弹性伸缩组部分如下:
ServerGroup:
Type: 'AWS::AutoScaling::AutoScalingGroup'
DependsOn:
- VpcStack
- NodeManagerExecRole
- NodeManagerSnsTopic
Properties:
VPCZoneIdentifier:
- !GetAtt [VpcStack, Outputs.Subnet2Id]
LaunchConfigurationName: !Ref LaunchConfig2
MinSize: '0'
MaxSize: !Ref NodesPerZone
DesiredCapacity: !Ref NodesPerZone
Cooldown: '300'
HealthCheckType: EC2
HealthCheckGracePeriod: '300'
LoadBalancerNames:
- !Ref ElasticLoadBalancer
LifecycleHookSpecificationList:
- LifecycleTransition: 'autoscaling:EC2_INSTANCE_LAUNCHING'
LifecycleHookName: NodeManager
HeartbeatTimeout: 4800
NotificationTargetARN: !Ref NodeManagerSnsTopic
RoleARN: !GetAtt [NodeManagerExecRole, Arn]
NodeManagerExecRole的代码片段是这样的:
NodeManagerExecRole:
Type: 'AWS::IAM::Role'
Properties:
AssumeRolePolicyDocument:
Version: 2012-10-17
Statement:
- Effect: Allow
Principal:
Service:
- lambda.amazonaws.com
Action:
- 'sts:AssumeRole'
Policies:
- PolicyName: NodeManager
PolicyDocument:
Version: 2012-10-17
Statement:
- Effect: Allow
Action:
- "sns:Publish"
Resource: "arn:aws:sns:*:*:*"
- Effect: Allow
Action:
- 'logs:CreateLogGroup'
- 'logs:CreateLogStream'
- 'logs:PutLogEvents'
Resource: 'arn:aws:logs:*:*:*'
我在 AWS 文档和 stackoverfolow 中进行了搜索,但没有找到有关此错误的有用信息。仅在详细信息中提到 here。
模板中是否缺少某些内容?
您需要将自动缩放组的信任策略添加到 post 到 SNS。
"Principal": {
"Service": "autoscaling.amazonaws.com"
},
我正在创建 AWS CloudFormation 模板以将 lambda 函数添加为生命周期挂钩。但是 CloudFormation 模板部署失败并显示以下消息:
The Service-Linked Role for this Auto Scaling group is not yet ready for use.
CF模板是用YAML写的,弹性伸缩组部分如下:
ServerGroup:
Type: 'AWS::AutoScaling::AutoScalingGroup'
DependsOn:
- VpcStack
- NodeManagerExecRole
- NodeManagerSnsTopic
Properties:
VPCZoneIdentifier:
- !GetAtt [VpcStack, Outputs.Subnet2Id]
LaunchConfigurationName: !Ref LaunchConfig2
MinSize: '0'
MaxSize: !Ref NodesPerZone
DesiredCapacity: !Ref NodesPerZone
Cooldown: '300'
HealthCheckType: EC2
HealthCheckGracePeriod: '300'
LoadBalancerNames:
- !Ref ElasticLoadBalancer
LifecycleHookSpecificationList:
- LifecycleTransition: 'autoscaling:EC2_INSTANCE_LAUNCHING'
LifecycleHookName: NodeManager
HeartbeatTimeout: 4800
NotificationTargetARN: !Ref NodeManagerSnsTopic
RoleARN: !GetAtt [NodeManagerExecRole, Arn]
NodeManagerExecRole的代码片段是这样的:
NodeManagerExecRole:
Type: 'AWS::IAM::Role'
Properties:
AssumeRolePolicyDocument:
Version: 2012-10-17
Statement:
- Effect: Allow
Principal:
Service:
- lambda.amazonaws.com
Action:
- 'sts:AssumeRole'
Policies:
- PolicyName: NodeManager
PolicyDocument:
Version: 2012-10-17
Statement:
- Effect: Allow
Action:
- "sns:Publish"
Resource: "arn:aws:sns:*:*:*"
- Effect: Allow
Action:
- 'logs:CreateLogGroup'
- 'logs:CreateLogStream'
- 'logs:PutLogEvents'
Resource: 'arn:aws:logs:*:*:*'
我在 AWS 文档和 stackoverfolow 中进行了搜索,但没有找到有关此错误的有用信息。仅在详细信息中提到 here。
模板中是否缺少某些内容?
您需要将自动缩放组的信任策略添加到 post 到 SNS。
"Principal": {
"Service": "autoscaling.amazonaws.com"
},