运行 aws s3 cp --recursive 命令时 AWS CodeBuild 失败
Failed AWS CodeBuild when running the aws s3 cp --recursive command
有人可以帮我弄清楚我的 CodeBuild 失败的原因吗?我在日志中收到以下错误:
[Container] 2021/03/29 23:13:38 Command did not exit successfully aws s3 cp --recursive --acl public-read ./build s3://cloud-nova-s3-dev02/public/ exit status 1
[Container] 2021/03/29 23:13:38 Phase complete: POST_BUILD State: FAILED
[Container] 2021/03/29 23:13:38 Phase context status code: COMMAND_EXECUTION_ERROR Message: Error while executing command: aws s3 cp --recursive --acl public-read ./build s3://cloud-nova-s3-dev02/public/. Reason: exit status 1
[Container] 2021/03/29 23:13:38 Expanding base directory path: build
[Container] 2021/03/29 23:13:38 Assembling file list
[Container] 2021/03/29 23:13:38 Expanding build
[Container] 2021/03/29 23:13:38 Expanding file paths for base directory build
[Container] 2021/03/29 23:13:38 Assembling file list
[Container] 2021/03/29 23:13:38 Expanding **/*
[Container] 2021/03/29 23:13:38 Found 19 file(s)
[Container] 2021/03/29 23:13:38 Phase complete: UPLOAD_ARTIFACTS State: SUCCEEDED
[Container] 2021/03/29 23:13:38 Phase context status code: Message:
这就是我的 S3 存储桶策略:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "PublicReadGetObject",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": [
"arn:aws:s3:::cloud-nova-s3-dev02/*",
"arn:aws:s3:::cloud-nova-s3-dev02"
]
}
]
}
这是我的 buildspec.yml 文件的示例:
version: 0.1
phases:
pre_build:
commands:
- echo Installing source NPM dependencies...
- npm install
build:
commands:
- echo Build started on `date`
- npm run build
post_build:
commands:
# copy the contents of /build to S3
- aws s3 cp --recursive --acl public-read ./build s3://cloud-nova-s3-dev02/public/
artifacts:
files:
- '**/*'
base-directory: build
您的存储桶策略仅允许 s3:GetObject
,用于从中下载对象。但是,在您的 CodeBuild (CB) 中,您正在尝试将对象上传到它。所以这失败了。
要纠正此问题,您可以将 inline policy 添加到您的 CB 执行角色 以允许 CB 上传对象。例如,
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": "s3:PutObject",
"Resource": "arn:aws:s3:::cloud-nova-s3-dev02/*"
}
]
}
有人可以帮我弄清楚我的 CodeBuild 失败的原因吗?我在日志中收到以下错误:
[Container] 2021/03/29 23:13:38 Command did not exit successfully aws s3 cp --recursive --acl public-read ./build s3://cloud-nova-s3-dev02/public/ exit status 1
[Container] 2021/03/29 23:13:38 Phase complete: POST_BUILD State: FAILED
[Container] 2021/03/29 23:13:38 Phase context status code: COMMAND_EXECUTION_ERROR Message: Error while executing command: aws s3 cp --recursive --acl public-read ./build s3://cloud-nova-s3-dev02/public/. Reason: exit status 1
[Container] 2021/03/29 23:13:38 Expanding base directory path: build
[Container] 2021/03/29 23:13:38 Assembling file list
[Container] 2021/03/29 23:13:38 Expanding build
[Container] 2021/03/29 23:13:38 Expanding file paths for base directory build
[Container] 2021/03/29 23:13:38 Assembling file list
[Container] 2021/03/29 23:13:38 Expanding **/*
[Container] 2021/03/29 23:13:38 Found 19 file(s)
[Container] 2021/03/29 23:13:38 Phase complete: UPLOAD_ARTIFACTS State: SUCCEEDED
[Container] 2021/03/29 23:13:38 Phase context status code: Message:
这就是我的 S3 存储桶策略:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "PublicReadGetObject",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": [
"arn:aws:s3:::cloud-nova-s3-dev02/*",
"arn:aws:s3:::cloud-nova-s3-dev02"
]
}
]
}
这是我的 buildspec.yml 文件的示例:
version: 0.1
phases:
pre_build:
commands:
- echo Installing source NPM dependencies...
- npm install
build:
commands:
- echo Build started on `date`
- npm run build
post_build:
commands:
# copy the contents of /build to S3
- aws s3 cp --recursive --acl public-read ./build s3://cloud-nova-s3-dev02/public/
artifacts:
files:
- '**/*'
base-directory: build
您的存储桶策略仅允许 s3:GetObject
,用于从中下载对象。但是,在您的 CodeBuild (CB) 中,您正在尝试将对象上传到它。所以这失败了。
要纠正此问题,您可以将 inline policy 添加到您的 CB 执行角色 以允许 CB 上传对象。例如,
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": "s3:PutObject",
"Resource": "arn:aws:s3:::cloud-nova-s3-dev02/*"
}
]
}