6

我在 codebuild 上运行 cdk synth 时遇到问题,它只是说:You are not authorized to perform this operation.

这是一个 CDK 应用程序,用于使用@aws-cdk/app-delivery依赖项来配置一些基础设施以创建 CI/CD 管道。我正在使用的代码构建图像是:aws/codebuild/nodejs:10.1.0

buildspec.yml 是app-delivery在他们的自述文件中共享的标准文件,只是--loglevel verbose为了更好地了解正在发生的事情

phases:
  install:
    commands:
      # Installs the npm dependencies as defined by the `package.json` file
      # present in the root directory of the package
      # (`cdk init app --language=typescript` would have created one for you)
      - npm install
  build:
    commands:
      # Builds the CDK App so it can be synthesized
      - npm run build
      # Synthesizes the CDK App and puts the resulting artifacts into `dist`
      - npm run cdk synth --loglevel verbose -- -o dist
artifacts:
  # The output artifact is all the files in the `dist` directory
  base-directory: dist
  files: '**/*'

这是代码构建日志:

[Container] 2019/06/06 19:20:11 Running command npm run cdk synth --loglevel verbose -- -o dist 
npm info it worked if it ends with ok 
npm verb cli [ '/usr/local/bin/node', 
npm verb cli   '/usr/local/bin/npm', 
npm verb cli   'run', 
npm verb cli   'cdk', 
npm verb cli   'synth', 
npm verb cli   '--loglevel', 
npm verb cli   'verbose', 
npm verb cli   '--', 
npm verb cli   '-o', 
npm verb cli   'dist' ] 
npm info using npm@5.6.0 
npm info using node@v10.1.0 
npm verb run-script [ 'precdk', 'cdk', 'postcdk' ] 
npm info lifecycle dvi-infrastructure-cdk@0.1.0~precdk: dvi-infrastructure-cdk@0.1.0 
npm info lifecycle dvi-infrastructure-cdk@0.1.0~cdk: dvi-infrastructure-cdk@0.1.0 

> dvi-infrastructure-cdk@0.1.0 cdk /codebuild/output/src891487954/src 
> cdk "synth" "-o" "dist" 

You are not authorized to perform this operation. 
npm verb lifecycle dvi-infrastructure-cdk@0.1.0~cdk: unsafe-perm in lifecycle true 
npm verb lifecycle dvi-infrastructure-cdk@0.1.0~cdk: PATH: /usr/local/lib/node_modules/npm/node_modules/npm-lifecycle/node-gyp-bin:/codebuild/output/src891487954/src/node_modules/.bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin 
npm verb lifecycle dvi-infrastructure-cdk@0.1.0~cdk: CWD: /codebuild/output/src891487954/src 
npm info lifecycle dvi-infrastructure-cdk@0.1.0~cdk: Failed to exec cdk script 
npm verb stack Error: dvi-infrastructure-cdk@0.1.0 cdk: `cdk "synth" "-o" "dist"` 
npm verb stack Exit status 1 
npm verb stack     at EventEmitter.<anonymous> (/usr/local/lib/node_modules/npm/node_modules/npm-lifecycle/index.js:285:16) 
npm verb stack     at EventEmitter.emit (events.js:182:13) 
npm verb stack     at ChildProcess.<anonymous> (/usr/local/lib/node_modules/npm/node_modules/npm-lifecycle/lib/spawn.js:55:14) 
npm verb stack     at ChildProcess.emit (events.js:182:13) 
npm verb stack     at maybeClose (internal/child_process.js:957:16) 
npm verb stack     at Process.ChildProcess._handle.onexit (internal/child_process.js:246:5) 
npm verb pkgid dvi-infrastructure-cdk@0.1.0 
npm verb cwd /codebuild/output/src891487954/src 
npm verb Linux 4.14.114-83.126.amzn1.x86_64 
npm verb argv "/usr/local/bin/node" "/usr/local/bin/npm" "run" "cdk" "synth" "--loglevel" "verbose" "--" "-o" "dist" 
npm verb node v10.1.0 
npm verb npm  v5.6.0 
npm ERR! code ELIFECYCLE 
npm ERR! errno 1 
npm ERR! dvi-infrastructure-cdk@0.1.0 cdk: `cdk "synth" "-o" "dist"` 
npm ERR! Exit status 1 
npm ERR!  
npm ERR! Failed at the dvi-infrastructure-cdk@0.1.0 cdk script. 
npm ERR! This is probably not a problem with npm. There is likely additional logging output above. 
npm verb exit [ 1, true ] 

npm ERR! A complete log of this run can be found in: 
npm ERR!     /root/.npm/_logs/2019-06-06T19_20_13_082Z-debug.log 

[Container] 2019/06/06 19:20:13 Command did not exit successfully npm run cdk synth --loglevel verbose -- -o dist exit status 1 
[Container] 2019/06/06 19:20:13 Phase complete: BUILD State: FAILED 
[Container] 2019/06/06 19:20:13 Phase context status code: COMMAND_EXECUTION_ERROR Message: Error while executing command: npm run cdk synth --loglevel verbose -- -o dist. Reason: exit status 1
4

1 回答 1

12

我已经能够通过npm run cdk synth -- -v -o dist在我的buildspec.yml. 有了这个,我得到了以下错误:

Some context information is missing. Fetching... 
Reading AZs for 244496089465:us-west-2 
Using default AWS SDK credentials for account 244496089465 
You are not authorized to perform this operation. 
UnauthorizedOperation: You are not authorized to perform this operation. 
    at Request.extractError (/codebuild/output/src133069252/src/node_modules/aws-sdk/lib/services/ec2.js:50:35) 
    at Request.callListeners (/codebuild/output/src133069252/src/node_modules/aws-sdk/lib/sequential_executor.js:106:20) 
    at Request.emit (/codebuild/output/src133069252/src/node_modules/aws-sdk/lib/sequential_executor.js:78:10) 
    at Request.emit (/codebuild/output/src133069252/src/node_modules/aws-sdk/lib/request.js:683:14) 
    at Request.transition (/codebuild/output/src133069252/src/node_modules/aws-sdk/lib/request.js:22:10) 
    at AcceptorStateMachine.runTo (/codebuild/output/src133069252/src/node_modules/aws-sdk/lib/state_machine.js:14:12) 
    at /codebuild/output/src133069252/src/node_modules/aws-sdk/lib/state_machine.js:26:10 
    at Request.<anonymous> (/codebuild/output/src133069252/src/node_modules/aws-sdk/lib/request.js:38:9) 
    at Request.<anonymous> (/codebuild/output/src133069252/src/node_modules/aws-sdk/lib/request.js:685:12) 
    at Request.callListeners (/codebuild/output/src133069252/src/node_modules/aws-sdk/lib/sequential_executor.js:116:18)

ec2:DescribeAvailabilityZones因此,通过在 codebuild 角色中添加以下权限解决了我的问题

于 2019-06-06T21:28:20.773 回答