Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

aws-code-deploy on S3 bucket with encryption

Fulvio Nigrisoli
Fulvio Nigrisoli
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
March 13, 2024

Dear Support,

I have created a pipeline to deploy on AWS, using aws-code-deploy pipe and everything is working fine until the S3 bucket encryption is disabled.

Using the pipe aws-s3-deploy and the extra args --see aws:kms It's working as well, but after that I'm not able to deploy using aws-code-deploy (deploy).

There is a way to use pipe aws-code-deploy (upload) to upload on S3 with encrypion  ?

Thanks in advance

Answer
Watch
Like Be the first to like this
362 views

1 answer

1 vote
Oleksandr Kyrdan
Oleksandr Kyrdan
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 15, 2024

Hi @Fulvio Nigrisoli 

Thanks for your question!

Please, provide us with more details about this case:

  • bitbucket-pipelines.yml file
  • logs output of the pipeline's build

 

Best regards,
Oleksandr Kyrdan

View More Comments
Fulvio Nigrisoli
Fulvio Nigrisoli
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
March 18, 2024

Sure.
Here with pipeline:

image: atlassian/default-image:3

artifact: &artifact
step:
name: Create artifact
script:
- zip -r artifact/file.zip . -x "artifact/*" -x ".git/*"
artifacts:
- artifact/*

upload: &upload
step:
name: Upload to S3 with CodeDeploy
script:
- source artifact/set_env.sh
- pipe: atlassian/aws-code-deploy:1.5.0
variables:
AWS_ACCESS_KEY_ID: ${AWS_ACCESS_KEY_ID}
AWS_SECRET_ACCESS_KEY: ${AWS_SECRET_ACCESS_KEY}
AWS_DEFAULT_REGION: ${AWS_DEFAULT_REGION}
COMMAND: 'upload'
APPLICATION_NAME: ${AWS_APPLICATION_NAME}
DEPLOYMENT_GROUP: ${AWS_DEPLOYMENT_GROUP}
WAIT: 'true'
S3_BUCKET: ${AWS_S3_BUCKET}
FOLDER: ${AWS_S3_BUCKET_FOLDER}
ZIP_FILE: 'artifact/file.zip'
#DEBUG: 'true'

deploy: &deploy
step:
name: Deploy with CodeDeploy
script:
- source artifact/set_env.sh
- pipe: atlassian/aws-code-deploy:1.5.0
variables:
AWS_ACCESS_KEY_ID: ${AWS_ACCESS_KEY_ID}
AWS_SECRET_ACCESS_KEY: ${AWS_SECRET_ACCESS_KEY}
AWS_DEFAULT_REGION: ${AWS_DEFAULT_REGION}
COMMAND: 'deploy'
APPLICATION_NAME: ${AWS_APPLICATION_NAME}
DEPLOYMENT_GROUP: ${AWS_DEPLOYMENT_GROUP}
IGNORE_APPLICATION_STOP_FAILURES: 'true'
FILE_EXISTS_BEHAVIOR: 'OVERWRITE'
WAIT: 'true'
S3_BUCKET: ${AWS_S3_BUCKET}
FOLDER: ${AWS_S3_BUCKET_FOLDER}
#DEBUG: 'true'

pipelines:
branches:
stage:
- step:
name: Setting environment
script:
- mkdir artifact
- echo "export AWS_DEPLOYMENT_GROUP=xxxx" > artifact/set_env.sh
- echo "export AWS_APPLICATION_NAME=xxxx" >> artifact/set_env.sh
- echo "export AWS_S3_BUCKET=xxxx" >> artifact/set_env.sh
- echo "export AWS_S3_BUCKET_FOLDER=xxxx" >> artifact/set_env.sh
- echo "export AWS_DEFAULT_REGION=xxxx" >> artifact/set_env.sh
- echo "export AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID_STAGE}" >> artifact/set_env.sh
- echo "export AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY_STAGE}" >> artifact/set_env.sh
artifacts:
- artifact/set_env.sh
- <<: *artifact
- <<: *upload
- <<: *deploy

Here with log (encryption on S3 bucket enabled)

Status: Downloaded newer image for bitbucketpipelines/aws-code-deploy:1.5.0
93
INFO: Using default authentication with AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY
94
INFO: Executing the aws-ecr-push-image pipe...
95
INFO: Uploading artifact/file.zip to S3.
96
INFO: Found credentials in environment variables.
97
✖ Failed to upload artifact/file.zip to S3
98
An error occurred (AccessDenied) when calling the PutObject operation: Access Denied

 

the same script is working fine if I disdable the encryption on S3 bucket

Like Sabine Mayer likes this
Oleksandr Kyrdan
Oleksandr Kyrdan
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 22, 2024

@Fulvio Nigrisoli 

Your error relates to AWS resources setup. So, try to extend permissions.

 

Best regards,
Oleksandr Kyrdan

Like Sabine Mayer likes this
Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
DEPLOYMENT TYPE
CLOUD
TAGS
AUG Leaders

Atlassian Community Events

    See all events