When I create a brand new CodeBuild project, it allows me to select an IAM Service Role, and when I check the box "Allow AWS CodeBuild to modify this service role so it can be used with this build project", AWS modifies that Service Role with a custom policy that's specific to this role.
But if, after creating that CodeBuild project, I want to attach a different service role to it, I keep getting the below message saying "The policy was not attached to role [x]".
I'm pretty sure I'm missing a permission somewhere, but I'm not sure where.
Edit with more troubleshooting data:
If I uncheck the box "Allow aws [...]", it allows me to update the CodeBuild project configuration, but all subsequent builds fail at startup. This is expected.
If I try to re-add the original service role I added to this project when I created it, it lets me add it without any problems.
I had a similar issue when I tried creating a more generic role that can be used by all of my CodeBuild projects. The way I got around it is I unchecked the "Allow AWS CodeBuild to modify this service role so it can be used with this build project" checkbox.
I had to ensure that the role I'm attaching had all the necessary IAM permissions for my subsequent builds to keep running.
I had the same issue and noticed that the previous role that was assigned to the CodeBuild project also had a Managed policy attached that had been added when the project was originally created. This role was named similar to this:
CodeBuildBasePolicy-project-name-us-west-2
I attached this policy to the new Role and detached it from the old role.
After this I was able to select "Update environment" and did not receive the error message.
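The steps from the answer above (attach the generated policy to the new role, detach it from the old one, then update the project), scripted with the AWS CLI as an added example that is not part of the original posts. The function name and its three arguments are hypothetical, and it assumes the old role has a CodeBuildBasePolicy-* managed policy attached and that no other project still relies on that role.

```bash
#!/usr/bin/env bash
# Added example (not from the original thread).
# Usage (placeholder names): move_codebuild_policy <project> <old-role> <new-role>

move_codebuild_policy() {
  local project old_role new_role policy_arn new_role_arn
  project=$1
  old_role=$2
  new_role=$3

  # Locate the project-scoped managed policy CodeBuild generated on the old role.
  policy_arn=$(aws iam list-attached-role-policies --role-name "$old_role" \
    --query "AttachedPolicies[?starts_with(PolicyName, 'CodeBuildBasePolicy-')].PolicyArn | [0]" \
    --output text) || return 1

  # The CLI prints "None" when the query matches nothing; stop before changing anything.
  if [ -z "$policy_arn" ] || [ "$policy_arn" = "None" ]; then
    echo "no CodeBuildBasePolicy-* policy attached to $old_role" >&2
    return 2
  fi

  # Attach to the new role first, so a failure here leaves the old role usable.
  aws iam attach-role-policy --role-name "$new_role" --policy-arn "$policy_arn" || return 1

  # Detach from the old role so the project-scoped permissions live on one role only.
  aws iam detach-role-policy --role-name "$old_role" --policy-arn "$policy_arn" || return 1

  # update-project expects the role ARN, not the role name.
  new_role_arn=$(aws iam get-role --role-name "$new_role" \
    --query 'Role.Arn' --output text) || return 1
  aws codebuild update-project --name "$project" \
    --service-role "$new_role_arn" >/dev/null || return 1

  # Report which policy was moved.
  echo "$policy_arn"
}
```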