Codepipeline: Insufficient permissions Unable to access the artifact with Amazon S3 object key

Question

Hello I created a codepipeline project with the following configuration:

• Source Code in S3 pulled from Bitbucket.
• Build with CodeBuild, generating an

Answer 1

This happens when AWS CodeDeploy cannot find the build artifact from AWS CodeBuild. If you go into the S3 bucket and check the path you would actually see that the artifact object is NOT THERE!

Even though the error says about a permission issue. This can happen due the absent of the artifact object.

Solution: Properly configure artifacts section in buildspec.yml and configure AWS Codepipeline stages properly specifying input and output artifact names.

artifacts:
  files:
    - '**/*'
  base-directory: base_dir
  name: build-artifact-name
  discard-paths: no

Refer this article - https://medium.com/@shanikae/insufficient-permissions-unable-to-access-the-artifact-with-amazon-s3-247f27e6cdc3

Answer 2

I was able to find a solution. The true issue is that when the deployment provider is set as Amazon ECS, we need to generate an output artifact indicating the name of the task definition and the image uri, for example:

post_build:
    commands:
      - printf '[{"name":"your.task.definition.name","imageUri":"%s"}]' $AWS_ACCOUNT_ID.dkr.ecr.$AWS_DEFAULT_REGION.amazonaws.com/$IMAGE_REPO_NAME:$IMAGE_TAG > imagedefinitions.json

artifacts:
    files: imagedefinitions.json