- Le plus récent
- Le plus de votes
- La plupart des commentaires
Temporary solution: add additional policy with Allow
iam:CreateServiceLinkedRole
on resource arn:aws:iam::*:role/aws-service-role/apprunner.amazonaws.com/AWSServiceRoleForAppRunner
.
Long term - to be fixed by AWS :)
I'm using CDK and I added the allow the statement to both cdk-qualifier-cfn-exec-role-*****-region
and cdk-qualifier-deploy-role-*****-region
yet it still fail. When deploying with CDK which role should contain this policy statement?
Resource handler returned message: "AccessDenied. Couldn't create a service-linked role for App Runner. When creating the first vpc connector in the account, caller must have the 'iam:CreateServiceLinkedRole' permission. Use the 'AWSAppRunnerFullAccess' managed user policy to ensure users have all required permissions.
Temporary solution: add additional policy with Allow iam:CreateServiceLinkedRole on resource arn:aws:iam::*:role/aws-service-role/apprunner.amazonaws.com/AWSServiceRoleForAppRunner. Long term - to be fixed by AWS :)
Contenus pertinents
- demandé il y a un an
- demandé il y a un an
- demandé il y a 7 mois
- demandé il y a un an
- AWS OFFICIELA mis à jour il y a 2 ans