【发布时间】:2017-02-22 09:51:49
【问题描述】:
我昨天能够成功地将代码部署到 ec2 实例,今天部署时突然出现奇怪的错误。
错误:
The overall deployment failed because too many individual instances failed deployment, too few healthy instances are available for deployment, or some instances in your deployment group are experiencing problems. (Error code: HEALTH_CONSTRAINTS)
然后我在 ec2 实例的日志文件中发现了问题,如下所示
"InstanceAgent::Plugins::CodeDeployPlugin::CommandPoller: Missing credentials - please check if this instance was started with an IAM instance profile"
所以我检查了我的 ec2 实例是否真的通过如下操作正确承担角色
curl http://169.254.169.254/latest/meta-data/iam/security-credentials/CodeDeployInstanceRole
它显示在输出下方
{
"Code" : "AssumeRoleUnauthorizedAccess",
"Message" : "EC2 cannot assume the role CodeDeployInstanceRole. Please see documentation at http://docs.amazonwebservices.com/IAM/latest/UserGuide/RolesTroubleshooting.html.",
"LastUpdated" : "2017-01-27T06:23:24Z"
}
我创建了正确设置的两个实例角色 CodeDeployInstance Role(AmazonEC2RoleforAWSCodeDeploy 策略) 和 CodeDeployServiceRole(AWSCodeDeployRole 策略)。我在启动时向 ec2 实例添加了实例角色。但不确定为什么我的 ec2 实例无法承担实例角色。
【问题讨论】:
标签: amazon-web-services amazon-ec2 amazon-iam aws-code-deploy