Hi,
We recently switched to using S3 for artifact storage. We have a plan which has a shared artifact. The job which generates the artifact successfully uploads the artifact to S3 but the job which consumes that artifact is erroring with (obfuscated);
| 15-Jun-2015 17:18:00 | Preparing artifact 'ABC' for use at ABC |
| 15-Jun-2015 17:18:00 | Access Denied (Service: Amazon S3; Status Code: 403; Error Code: AccessDenied; Request ID: ABC123ABC123) |
| 15-Jun-2015 17:18:00 | Failure in artifact preparation phase during processing of: Subscription for Shared artifact: [ABC], pattern: [**/*] anchored at: [/ABC/ABC/bin], destination: [ABC] |
| 15-Jun-2015 17:18:00 | 1 error(s) found when performing pre-build actions. |
The IAM account that bamboo is using has the following policy;
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmt1234383843000",
"Effect": "Allow",
"Action": [
"s3:GetBucketLocation",
"s3:ListAllMyBuckets"
],
"Resource": [
"arn:aws:s3:::*"
]
},
{
"Sid": "Stmt1234383879000",
"Effect": "Allow",
"Action": [
"s3:*"
],
"Resource": [
"arn:aws:s3:::atlassian-net-bamboo-artifacts/*"
]
}
]
}Any ideas what permission we are missing? Using the AWS policy simulator I can see that the IAM account has permissions to all actions in the specified bucket.
Thanks.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.