Unable to deploy pipeline to AWS CI/CD account - amazon-web-services

I am trying to deploy pipeline to CI/CD account. However I'm getting below error.
npm run cdk deploy LandingPagePipelineStack -- --profile cicd
> landingpage#0.3.13 cdk
> cdk deploy LandingPagePipelineStack --profile cicd
Failed to get credentials for "cicd" profile. Make sure to run "aws configure sso --profile cicd && aws sso login --profile cicd"
I have also tried to logged in using below command and it was successful.
aws configure sso --profile cicd && aws sso login --profile cicd
I'm following step number 5 at AWS tutorial.
Please help me to deploy pipeline to CI/CD account.

After you execute the command in the output (aws configure sso --profile cicd && aws sso login --profile cicd) you should be able to simply execute npm run cdk deploy LandingPagePipelineStack -- --profile cicd
Make sure that any time you want to execute cdk with sso context, that you have active temp credentials, by executing sso login

Related

AWS CDK deploy from circleCi fails with credential error but other aws services do not

I am running a cdk deploy build on circleCi, and when the step CDK deploy comes it gives me "Need to perform AWS calls for account ************, but no credentials have been configured".
But for the troubleshooting i tried other commands as well like
aws s3 ls
aws aws cloudformation list-stacks
These above commands we working fine, also able to run command to create a cloudformation with same config but not able to run cdk deploy. the access key and secret i am using has Admin access.
Set the creds with a profile name using aws-cli Orb in CircleCI and
try using the below command to deploy with CDK
cdk deploy --all --profile cdkprofile
For reference, in CircleCI
orbs:
aws-cli: circleci/aws-cli#2.0.3
commands:
env-setup:
description: AWS Env Setup
steps:
- aws-cli/setup:
profile-name: cdkprofile
aws-access-key-id: AWS_ACCESS_KEY_ID
aws-secret-access-key: AWS_SECRET_ACCESS_KEY
And assumption is AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY are set as CircleCI env variables
As a starting note: The best way to troubleshoot is with cdk [command] --verbose (see CLI ref)
CDK has an internal mechanism for finding credentials not directly using AWS CLI (AWS CLI is not a requirement for CDK to run)
In a similar situation with a CI tool, the issue was simply that the ~/.aws/credentials file did not exist (not that you need it with AWS CLI, but in the situation for CDK, it was required)
Credit to this issue reporting: https://github.com/aws/aws-cdk/issues/6947#issue-586402006
Solution tested for above:
For an EC2 running CI tool, with EC2 IAM role
Where ~/.aws/config exists and defined profile(s) with:
credential_source = Ec2InstanceMetadata
role_arn = arn:aws:iam:::role/role-to-assume-in-acctId
Create empty ~/.aws/credentials file
Example error for the problem solved above (from verbose output)
Resolving default credentials
Notices refreshed
Unable to determine the default AWS account: ProcessCredentialsProviderFailure: Profile myprofile did not include credential process
Other causes found in other issues/comments could relate to:
Duplicate profiles
Having credential_process in the profile, set to empty
Needing --profile parameter to be added

How to run codepipeline from AWS chatbot

I'm trying to run AWS codepipeline from slack using AWS chatbot feature. I've configured a chatbot properly and it is giving me appropriate response when I'm running a command
#aws codepipeline list-pipelines --region us-east-1
With this command it is showing me all the configured codepipelines in my AWS account.
However when I'm trying to run a pipeline using
#aws codepipeline start-pipeline-execution --name dev-pipeline
I'm getting following error.
I can't run the command codepipeline start-pipeline-execution because it isn't enabled.
There's no option I can see in AWS Chatbot to enable this pipeline.
I'm able to run this same pipeline using AWS CLI and its working perfectly fine.
Can someone please give me any pointer to configure AWS Chatbot from Slack to run AWS Codepipeline?

How to create Amplify React app from AWS CLI

I have problem that I want to create AWS Amplify React app in our CI pipeline. How do I create Amplify app from AWS CLI? Files should come from S3. Git is not an option in this case.
aws --profile master amplify create-app --name appName
This command creates amplify app, but how do i get it to use S3 files, zipped or not.
Execute following aws-cli commands; There can be different combinations of commands as well.
Step 1: To create app with name as appName. aws amplify create-app --name appName --region eu-west-1
Step 2: To create branch. aws amplify create-branch --region eu-west-1 --app-id "{appId from Step 1 here}" --branch-name "master". There are other ways to create branch as well.
Step 3: To deploy. aws amplify start-deployment --region eu-west-1 --app-id "{appId from Step 1 here}" --branch-name "master" --source-url "s3://{s3-bucket-name}/app_src_package.zip"
Step 4: To verify deployment status, aws amplify get-job --region eu-west-1 --app-id "{appId from Step 1 here}" --branch-name "master" --job-id "{jobId from Step 3 here}"
Note: Make sure your IAM user/role has required amplify & s3 policies.

AWS SAM deployed Error under hello world template

I'm currently working on AWS serverless lambda function deployment and try to distribute and test with AWS SAM. However, when I followed the AWS SAM hello world template tutorial on official website, I can't really deploy my code to AWS.
I've already
Assigned a working IAM account
Install every package we need for AWS SAM (brew, aws-sam-cli...etc)
Set up AWS configuration
Using a function template provided by AWS
Yet, I got error message
Error: Stack aws-sam-cli-managed-default is missing Tags and/or
Outputs information and therefore not in a healthy state (Current
state:aws-sam-cli-managed-default). Failing as the stack was likely
not created by the AWS SAM CLI
Took me a minute to figure out too.
Open up CloudFormation in AWS and delete the aws-sam-cli-managed-default stack then try to redeploy.
Every time your deploy fails you'll likely have to do this again.
It's aws credentials error - because you not configure it right or not config at all.
If you didn't have aws cli installed on your computer, find aws cli installer for
your filesystem, for mac it's https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2-mac.html.
Go to https://console.aws.amazon.com/iam and create new user with AdministratorAccess permission and get aws_access_key_id and aws_secret_access_key.
Go to your terminal and type aws configure.
Enter your credentials.
Try to run sum build && sum deploy --guided
Now it's need to work.
Like #Eli Meiler says, it may well be a credential issue. If you need to see more details here try
$ aws cloudformation describe-change-set --change-set-name InitialCreation --stack-name aws-sam-cli-managed-default
...FAILED User: arn:aws:iam::123:user/<human user> is not authorized to perform:
cloudformation:CreateChangeSet
on resource: arn:aws:cloudformation:eu-central-1:aws:transform/Serverless-2016-10-31
with an explicit deny in an identity-based policy
EDIT
Even though I had full permissions in that AWS account, what I was not aware was that MFA / 2-factor auth is kinda troublesome here.
The advice that worked for me was this github comment to
generate an sts token
set the env vars and
then try sam deploy --guided again
$ aws sts get-session-token --serial-number arn:aws:iam::<account_id>:mfa/<human.user> --duration-seconds 15000 --token-code 123456

AWS Lambda Serverless deploy asking for AWS provider credentials

I have configured serverless with key and secret.
When i try to run serverless deploy it says:
ServerlessError: AWS provider credentials not found. Learn how to set up AWS provider credentials in our docs here:.
Please help me what to do
This is how to setup AWS credentials on the local:
Sign in to AWS console
Go to your AWS account overview
Account menu in the upper-right (has your name on it)
sub-menu: Security Credentials
Copy <Access Key ID>
Copy <Secret Access Key>
Run on local serverless config credentials --provider aws --key <Access Key ID> --secret <Secret Access Key>
You can set up your serverless credentials by using the serverless config credentials command, with --provider aws and using --key and --secret to set your AWS Access Key ID and Secret Access Key, respectively.
See the Serverless AWS - Config Credentials documentation for Serverless specifics, and this AWS document on security credentials in case you need to figure out what your credentials are.
Also give your profile and region configuration in your yml file
provider:
name: aws
runtime: python2.7
lambdaHashingVersion: 20201221
profile: 'serverless-admin'
region: 'us-east-1'
I had the same problem. I try everything. I configure my credentials (AWS key and secret) with both aws cli and serverless cli but still got that same error when I run:
sls deploy -v
I was using CMD before then I realize something when I run the command
aws configure list
the output is
Name Value Type Location
---- ----- ---- --------
profile <not set> None None
access_key ****************SOU5 shared-credentials-file
secret_key ****************Cki5 shared-credentials-file
region eu-west-1 config-file ~/.aws/config
the path of the config file is
~/.aws/config
and CMD don't know what ~/ PATH IS but Bash does know
😈
then I run the
sls deploy -v
on bash terminal and it worked 🎉🙌🙌🎉🐱‍🏍
For those who has the same problem, even when already configured the AWS credentials for serverless, by running the command serverless config credentials:
I had the same problem; even when I had set up properly my AWS credentials on serverless, when I run the serverless deploy command, I got this: ServerlessError: AWS provider credentials not found.
How did I solved it? By installing and configuring the AWS CLI Tool. Once I installed it and configured it with my AWS credentials, and then run again the serverless deploy command, it just works fine.
I guess the serverless command, behind the scenes, uses the AWS CLI to access AWS and provision the AWS resources.
I hope this could be helpful for someone.