aws 部署错误 ebcli.objects.exceptions.NotAuthorizedError:操作被拒绝。拒绝访问
Posted
技术标签:
【中文标题】aws 部署错误 ebcli.objects.exceptions.NotAuthorizedError:操作被拒绝。拒绝访问【英文标题】:aws deployment error ebcli.objects.exceptions.NotAuthorizedError: Operation Denied. Access Denied 【发布时间】:2021-10-07 22:46:27 【问题描述】:我一直在尝试使用 eb create django-env 将我的 python 程序部署到 aws,但它一直在产生这个错误
NotAuthorizedError - Operation Denied. Access Denied
在进一步深入挖掘 eb create --debug 时,它产生了这个错误
ebcli.lib.aws.InvalidParameterValueError: Platform ARN is invalid: Not an IAM ARN: 64bit Amazon Linux 2 v3.3.4 running Python 3.8.
当它到达 Select a load balancer type 部分时,我选择了选项 2,即应用程序
但是当我为Select a load balancer type section 选择option 1 i.e. classic 时,它产生了
ebcli.objects.exceptions.NotAuthorizedError: Operation Denied. Access Denied
这是错误信息
2021-08-01 09:38:36,597 (DEBUG) ebcli.core.fileoperations : File size: 78041269
2021-08-01 09:38:36,612 (DEBUG) ebcli.lib.elasticbeanstalk : Inside get_storage_location api wrapper
2021-08-01 09:38:36,612 (DEBUG) ebcli.lib.aws : Making api call: (elasticbeanstalk, create_storage_location) to region:us-west-2 with args:
2021-08-01 09:38:38,811 (DEBUG) ebcli.lib.aws : API call finished, status = 200
2021-08-01 09:38:38,811 (DEBUG) ebcli.lib.aws : Response: 'S3Bucket': 'elasticbeanstalk-us-west-2-395403681453', 'ResponseMetadata': 'RequestId': '2a9c9762-4a6d-46e0-9a28-c92a300b3a8c', 'HTTPStatusCode': 200, 'date': 'Sun, 01 Aug 2021 08:38:39 GMT', 'RetryAttempts': 0
2021-08-01 09:38:38,811 (DEBUG) ebcli.lib.aws : Creating new Botocore Client for s3
2021-08-01 09:38:38,906 (DEBUG) ebcli.lib.aws : Successfully created session for s3
2021-08-01 09:38:38,906 (DEBUG) ebcli.lib.aws : Making api call: (s3, list_objects) to region: us-west-2 with args:'Bucket': 'elasticbeanstalk-us-west-2-395403681453', 'Prefix': 'django-tutotrial/app-210801_093611.zip'
2021-08-01 09:38:41,130 (DEBUG) ebcli.lib.aws : API call finished, status = 200
2021-08-01 09:38:41,130 (DEBUG) ebcli.lib.aws : Response: 'ResponseMetadata': 'RequestId': 'CJTFFNJ9QBMJAQWW', 'HostId': 'rY/gGdjoVhTa3Z2JgGgQAtGlQnf9Gg/ksaJjQmEF3zgxt9n+ddNL82b7HngUg1If4j4M4R6c2iA=', 'HTTPStatusCode': 200, 'date': 'Sun,01 Aug 2021 08:38:43 GMT', 'RetryAttempts': 0, 'IsTruncated': False, 'Marker': '', 'Name': 'elasticbeanstalk-us-west-2-395403681453', 'Prefix': 'django-tutotrial/app-210801_093611.zip', 'MaxKeys': 1000, 'EncodingType': 'url'
2021-08-01 09:38:41,130 (INFO) eb : Uploading archive to s3 location: django-tutotrial/app-210801_093611.zip
2021-08-01 09:38:41,135 (DEBUG) ebcli.core.fileoperations : Project root found at: C:\users\system1\django\firstproject
2021-08-01 09:38:41,135 (DEBUG) ebcli.lib.s3 : Upload Application Version. File size = 78041269
2021-08-01 09:38:41,135 (DEBUG) ebcli.lib.s3 : Doing multi-threaded upload. Parts Needed=15
2021-08-01 09:38:41,140 (DEBUG) ebcli.lib.aws : Making api call: (s3, list_multipart_uploads) to region: us-west-2 withargs:'Bucket': 'elasticbeanstalk-us-west-2-395403681453', 'Prefix': 'django-tutotrial/app-210801_093611.zip'
2021-08-01 09:38:41,635 (DEBUG) ebcli.lib.aws : Response: 'Error': 'Code': 'AccessDenied', 'Message': 'Access Denied', 'ResponseMetadata': 'RequestId': 'CJT8SW62G2YGRV15', 'HostId': 'zBtbEFfyKXfyCev+TIb84iVzuvFoFa9KTgUQZ/CQR99QS0urPPu+oJjnO/sJbKLHLbsiSqwuOPk=', 'HTTPStatusCode': 403, 'date': 'Sun, 01 Aug 2021 08:38:41 GMT', 'RetryAttempts': 0
2021-08-01 09:38:41,640 (DEBUG) ebcli.lib.aws : API call finished, status = 403
2021-08-01 09:38:41,640 (DEBUG) ebcli.lib.aws : Received a 403
2021-08-01 09:38:41,885 (INFO) eb : Traceback (most recent call last):
File "c:\users\system1\django\venv\lib\site-packages\ebcli\operations\commonops.py", line 540, in create_app_
version
s3.get_object_info(bucket, key)
File "c:\users\system1\django\venv\lib\site-packages\ebcli\lib\s3.py", line 90, in get_object_info
__raise_if_bucket_is_empty(result)
File "c:\users\system1\django\venv\lib\site-packages\ebcli\lib\s3.py", line 53, in __raise_if_bucket_is_empty
raise NotFoundError('Object not found.')
ebcli.objects.exceptions.NotFoundError: Object not found.
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "c:\users\system1\django\venv\lib\site-packages\ebcli\lib\aws.py", line 212, in make_api_call
response_data = operation(**operation_options)
File "c:\users\system1\django\venv\lib\site-packages\botocore\client.py", line 386, in _api_call
return self._make_api_call(operation_name, kwargs)
File "c:\users\system1\django\venv\lib\site-packages\botocore\client.py", line 705, in _make_api_call
raise error_class(parsed_response, operation_name)
botocore.exceptions.ClientError: An error occurred (AccessDenied) when calling the ListMultipartUploads operation: Access Denied
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "c:\users\system1\django\venv\lib\site-packages\ebcli\core\ebrun.py", line 62, in run_app
app.run()
File "c:\users\system1\django\venv\lib\site-packages\cement\core\foundation.py", line 797, in run
return_val = self.controller._dispatch()
File "c:\users\system1\django\venv\lib\site-packages\cement\core\controller.py", line 472, in _dispatch
return func()
File "c:\users\system1\django\venv\lib\site-packages\cement\core\controller.py", line 478, in _dispatch
return func()
File "c:\users\system1\django\venv\lib\site-packages\ebcli\core\abstractcontroller.py", line 92, in default
self.do_command()
File "c:\users\system1\django\venv\lib\site-packages\ebcli\controllers\create.py", line 281, in do_command
createops.make_new_env(env_request,
File "c:\users\system1\django\venv\lib\site-packages\ebcli\operations\createops.py", line 75, in make_new_env
commonops.create_app_version(env_request.app_name, process=process_app_version,
File "c:\users\system1\django\venv\lib\site-packages\ebcli\operations\commonops.py", line 548, in create_app_version
s3.upload_application_version(bucket, key, file_path)
File "c:\users\system1\django\venv\lib\site-packages\ebcli\lib\s3.py", line 149, in upload_application_version
upload_workspace_version(bucket, key, file_path, 'Application')
File "c:\users\system1\django\venv\lib\site-packages\ebcli\lib\s3.py", line 144, in upload_workspace_version
result = multithreaded_upload(bucket, key, file_path)
File "c:\users\system1\django\venv\lib\site-packages\ebcli\lib\s3.py", line 178, in multithreaded_upload
upload_id = _get_multipart_upload_id(bucket, key)
File "c:\users\system1\django\venv\lib\site-packages\ebcli\lib\s3.py", line 311, in _get_multipart_upload_id
response = _make_api_call('list_multipart_uploads',
File "c:\users\system1\django\venv\lib\site-packages\ebcli\lib\s3.py", line 40, in _make_api_call
return aws.make_api_call('s3', operation_name, **operation_options)
File "c:\users\system1\django\venv\lib\site-packages\ebcli\lib\aws.py", line 221, in make_api_call_handle_response_code(e.response, attempt, aggregated_error_message)
File "c:\users\system1\django\venv\lib\site-packages\ebcli\lib\aws.py", line 289, in _handle_response_code
raise NotAuthorizedError('Operation Denied. ' + message)
ebcli.objects.exceptions.NotAuthorizedError: Operation Denied. Access Denied
这可能是什么原因。当我在 aws 上检查用户的帐户时,我可以看到几分钟前发生了一项活动。在eb create 操作期间
这表明问题出在 aws 本身,但某些授权未到位。
我最初认为这是一个凭证问题。在稍后检查我链接的帐户时,我看到该用户的帐户上次活动已更改
-
请问我该如何纠正这个错误?
如何在 aws 中找到特定用户的错误日志?
我的 ws 帐户有什么需要我做的吗?我已经创建了凭据,并且帐户显示通过更新与用户相关的 lst 活动时间在其上发生了一些活动
我需要对我的 aws 帐户进行某些配置吗?
【问题讨论】:
尝试查看CloudTrail event history 和CloudWatch logs。 @Hcaertnit 谢谢。我能够得到一些错误日志。"errorCode":"LimitExceededException",,"errorCode":"EntityAlreadyExistsException",。我仍在研究我能做些什么来解决这个问题
【参考方案1】:
就我而言,我通过将此策略添加到用户的策略列表中解决了这个问题:“AmazonS3FullAccess”
【讨论】:
以上是关于aws 部署错误 ebcli.objects.exceptions.NotAuthorizedError:操作被拒绝。拒绝访问的主要内容,如果未能解决你的问题,请参考以下文章
如何解决 AWS 部署中的“Cannot Get /”错误?
AWS SAM 部署错误 - 验证错误 | CreateChangeSet 操作错误
AWS - 错误 - 更新 Auto Scaling 组、Amazon CloudFormation、无法部署配置