We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Terraform pipeline returns the following error where running get_accounts.py script
34 | INFO:main:Management Account ID: 222 35 | Traceback (most recent call last): 36 | File "adf-build/helpers/terraform/get_accounts.py", line 190, in 37 | main() 38 | File "adf-build/helpers/terraform/get_accounts.py", line 31, in main 39 | accounts = get_accounts() 40 | File "adf-build/helpers/terraform/get_accounts.py", line 70, in get_accounts 41 | organizations = get_boto3_client( 42 | File "adf-build/helpers/terraform/get_accounts.py", line 145, in get_boto3_client 43 | role = sts.assume_role( 44 | File "/root/.pyenv/versions/3.8.17/lib/python3.8/site-packages/botocore/client.py", line 565, in _api_call 45 | return self._make_api_call(operation_name, kwargs) 46 | File "/root/.pyenv/versions/3.8.17/lib/python3.8/site-packages/botocore/client.py", line 1021, in _make_api_call 47 | raise error_class(parsed_response, operation_name) 48 | botocore.exceptions.ClientError: An error occurred (AccessDenied) when calling the AssumeRole operation: User: arn:aws:sts::111:assumed-role/adf-codebuild-role/AWSCodeBuild-83a8ffad-f4fc-4d89-83a6-9d32d4d83dd2 is not authorized to perform: sts:AssumeRole on resource: arn:aws:iam::222:role/adf/organizations/adf-organizations-readonly `
get_accounts.py should ends properly and return the list of target account IDs
Terraform apply stage fails with the following error
Run a terraform pipeline
No response
4.0.0
The text was updated successfully, but these errors were encountered:
No branches or pull requests
Is there an existing issue for this?
Describe the bug
Terraform pipeline returns the following error where running get_accounts.py script
`
[Container] 2024/07/08 21:29:23.374503 Running command python adf-build/helpers/terraform/get_accounts.py
34 | INFO:main:Management Account ID: 222
35 | Traceback (most recent call last):
36 | File "adf-build/helpers/terraform/get_accounts.py", line 190, in
37 | main()
38 | File "adf-build/helpers/terraform/get_accounts.py", line 31, in main
39 | accounts = get_accounts()
40 | File "adf-build/helpers/terraform/get_accounts.py", line 70, in get_accounts
41 | organizations = get_boto3_client(
42 | File "adf-build/helpers/terraform/get_accounts.py", line 145, in get_boto3_client
43 | role = sts.assume_role(
44 | File "/root/.pyenv/versions/3.8.17/lib/python3.8/site-packages/botocore/client.py", line 565, in _api_call
45 | return self._make_api_call(operation_name, kwargs)
46 | File "/root/.pyenv/versions/3.8.17/lib/python3.8/site-packages/botocore/client.py", line 1021, in _make_api_call
47 | raise error_class(parsed_response, operation_name)
48 | botocore.exceptions.ClientError: An error occurred (AccessDenied) when calling the AssumeRole operation: User: arn:aws:sts::111:assumed-role/adf-codebuild-role/AWSCodeBuild-83a8ffad-f4fc-4d89-83a6-9d32d4d83dd2 is not authorized to perform: sts:AssumeRole on resource: arn:aws:iam::222:role/adf/organizations/adf-organizations-readonly
`
Expected Behavior
get_accounts.py should ends properly and return the list of target account IDs
Current Behavior
Terraform apply stage fails with the following error
`
[Container] 2024/07/08 21:29:23.374503 Running command python adf-build/helpers/terraform/get_accounts.py
34 | INFO:main:Management Account ID: 222
35 | Traceback (most recent call last):
36 | File "adf-build/helpers/terraform/get_accounts.py", line 190, in
37 | main()
38 | File "adf-build/helpers/terraform/get_accounts.py", line 31, in main
39 | accounts = get_accounts()
40 | File "adf-build/helpers/terraform/get_accounts.py", line 70, in get_accounts
41 | organizations = get_boto3_client(
42 | File "adf-build/helpers/terraform/get_accounts.py", line 145, in get_boto3_client
43 | role = sts.assume_role(
44 | File "/root/.pyenv/versions/3.8.17/lib/python3.8/site-packages/botocore/client.py", line 565, in _api_call
45 | return self._make_api_call(operation_name, kwargs)
46 | File "/root/.pyenv/versions/3.8.17/lib/python3.8/site-packages/botocore/client.py", line 1021, in _make_api_call
47 | raise error_class(parsed_response, operation_name)
48 | botocore.exceptions.ClientError: An error occurred (AccessDenied) when calling the AssumeRole operation: User: arn:aws:sts::111:assumed-role/adf-codebuild-role/AWSCodeBuild-83a8ffad-f4fc-4d89-83a6-9d32d4d83dd2 is not authorized to perform: sts:AssumeRole on resource: arn:aws:iam::222:role/adf/organizations/adf-organizations-readonly
`
Steps To Reproduce
Run a terraform pipeline
Possible Solution
No response
Additional Information/Context
No response
ADF Version
4.0.0
Contributing a fix?
The text was updated successfully, but these errors were encountered: