Menu
I'm setting up a CodePipeline, and I created an action to fetch the source from GitHub.
This requires to set up a connection, which I did, and things look fine also on GitHub's side.
However, if I release a change to the pipeline, I see the following error at the source stage:
Insufficient permissions
Unable to use Connection: arn:aws:codestar-connections:us-east-1:REDACTED:connection/REDACTED. The provided role does not have sufficient permissions.
I added full CodeStar access to the pipeline's service role (which I found in the pipeline settings) and looks like this:
arn:aws:iam::REDACTED:role/service-role/AWSCodePipelineServiceRole-us-east-1-REDACTED
Does anybody have any idea of what might be missing? Thanks!
419
You can work with tags in AWS CodeStar Connections by calling the following: ListTagsForResource, which gets information about AWS tags for a specified Amazon Resource Name (ARN) in AWS CodeStar Connections.
When an action does not complete successfully in CodePipeline, the action fails and the pipeline pauses, halting the progression of your change through the pipeline.
Start a pipeline manually (console)Sign in to the AWS Management Console and open the CodePipeline console at http://console.aws.amazon.com/codesuite/codepipeline/home . In Name, choose the name of the pipeline you want to start. On the pipeline details page, choose Release change.
The solution was to add this bit to the policy of the service role:
{
"Effect": "Allow",
"Action": "codestar-connections:UseConnection",
"Resource": "insert ARN of the CodeStar connection here"
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With