2

我按照https://www.spinnaker.io/setup/providers/aws/和启动大三角帆中提到的那样进行了配置,并在 clouddriver.logs 中不断收到此错误

Caused by: com.amazonaws.services.ec2.model.AmazonEC2Exception: You are not authorized to perform this operation. (Service: AmazonEC2; Status Code: 403; Error Code: UnauthorizedOperation; Request ID: fb3144e7-7105-44e1-917c-60c6de551d83)

我的安装环境是 AWS ec2 环境,该实例具有角色BaseIAMRole并已附加SpinnakerAssumeRolePolicyPowerUserAccess它。

我在 clouddriver.yml 中配置了管理帐户和托管帐户,如下所示:

aws:
  enabled: true
  accounts:
  - name: '07xxxx...'
#    requiredGroupMembership: []
    accountId: '07xxxx...'
    regions: []
    assumeRole: role/spinnakerManaged
  - name: '19xxxx...'
  #    requiredGroupMembership: []
    accountId: '19xxxx...'
    regions: []
    assumeRole: role/spinnakerManaged
  primaryAccount: '07xxxx...'
  defaultKeyPairTemplate: '{{name}}-keypair'
  defaultRegions:
  - name: ap-southeast-2
  defaultAssumeRole: role/spinnakerManaged
  defaults:
    iamRole: BaseIAMRole

我对管理帐户和受管理帐户都有管理员访问权限...

任何帮助将不胜感激

4

1 回答 1

0

IT 似乎缺少必须附加和设置的 AWS IAM 策略,以便管理角色和托管角色设置生效。请参阅文档:Armory AWS IAM 设置

于 2019-12-17T22:47:16.923 回答