英文:
The instance profile associated with the environment does not exist
问题
我使用CodePipeline集成我的GitHub存储库,并在尝试使用AWS Elastic Beanstalk部署我的Flask应用程序时遇到了错误。
我尝试查找错误,得知我的环境甚至没有启动。
图片链接
英文:
I used CodePipeline to integrate my GitHub Repo and encountered an error when I tried to deploy my Flask application using AWS Elastic Beanstalk.
I tried to find the error and I got to know that my environment didn't even launch.
enter image description here
答案1
得分: 1
问题出现是由于AWS的安全策略,它阻止Elastic Beanstalk创建自己的实例配置文件。现在,环境需要一个实例配置文件,因为它为运行您的应用程序的EC2实例提供必要的权限和访问权限。
手动创建实例配置文件的步骤:
- 搜索“IAM”
- 用户>添加用户>用户名>设置权限
- 选择直接附加策略,并添加以下4个权限(AdministratorAccess、AWSElasticBeanstalkMulticontainerDocker、AWSElasticBeanstalkWebTier、AWSElasticBeanstalkWorkerTier)
[创建角色]
- 角色>创建角色>{实体类型:AWS服务,用例:EC2>权限:与上述相同}
[使用刚刚创建的用户ARN链接角色到用户]
- 选择角色>信任关系>编辑信任策略>添加主体 - {主体类型:IAM角色,ARN:用户ARN}>更新策略
[创建新环境]
- 服务访问 -(使用现有服务角色 - {现有服务角色:创建的角色,EC2实例配置文件:创建的角色})
[我们已成功启动一个环境]
英文:
The issue arises due to the security policies of AWS, which prevents Elastic Beanstalk from creating it's own instance profile. Now, an instance profile is required for an environment because it provides the necessary permissions and access rights to the EC2 instances that run your application.
Steps to manually create an instance profile:
- search for "IAM"
- Users>Add users>username>set permissions
- select Attach policies directly and add these 4 permissions (AdministratorAccess, AWSElasticBeanstalkMulticontainerDocker, AWSElasticBeanstalkWebTier, AWSElasticBeanstalkWorkerTier)
[create a Role]
- Roles>create role>{entity type: AWS service, use case: EC2>permissions:same as above}
- Select Role>Trust relationships>Edit trust policy>Add a principal - {principal type: IAM Roles, ARN: user arn}>Update Policy
[Create a new environment]
- Service access - (use an existing service role - {existing service role: Role_created, EC2 instance profile: Role_created})
[We have successfully launched an environment]
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论