Insufficient permissions — Unable to access the artifact with Amazon S3
Confusing Errors | AWS | S3 | Insufficient permissions | No file
You might have a AWS CodePipeline with following configurations
- Source - AWS CodeCommit, Amazon S3
- Build - AWS CodeBuild
- Deploy - AWS CodeDeploy
Have you ever encountered this error from AWS CodePipeline with AWS CodeBuild and AWS CodeDeploy when trying to access an artifact from a S3 bucket?
Insufficient permissions
Unable to access the artifact with Amazon S3 object key 'DevPipeline/BuildArtifact/kxh7fHZ' located in the Amazon S3 artifact bucket 'dev-codepipeline-us-east-1-xxxxx'. The provided role does not have sufficient permissions.
Note that this might be due to your AWS CodeBuild or AWS CodeDeploy Role actually not having correct permissions to access the artifact S3 bucket object.
But..
What I am going to talk here is an occasion where you will encounter this error due to another reason, where it is quite a bit confusing!
This happens when AWS CodeDeploy cannot find the build artifact from AWS CodeBuild. If you go into the S3 bucket and check the path you would actually see that the artifact object is NOT THERE!
Even though the error says about a permission issue. This can happen due the absent of the artifact object.
Possible Solution to this issue:
This maybe because the artifact object does not exist. Add artifacts to the buildspec.yml and configure AWS Codepipeline stages properly specifying artifact object name.
Other possible causes:
- Maybe you are trying to access an incorrect path for the artifact object
- Maybe the object is not there when you try to access. (maybe deleted)