I am trying to deploy a Maven project as a service in AWS. The following is the project's yaml file.
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2023-04-14
Globals:
Function:
Timeout: 30
Resources:
function:
Type: AWS::Serverless::Function
Properties:
CodeUri: .
Handler: com.poc.AsyncLambdaHandler::handleRequest
Runtime: java11
AutoPublishAlias: production
SnapStart:
ApplyOn: PublishedVersions
Architectures:
- x86_64
MemorySize: 2048
Environment:
Variables:
JAVA_TOOL_OPTIONS: -XX:+TieredCompilation -XX:TieredStopAtLevel=1
Policies:
- AWSSecretsManagerGetSecretValuePolicy:
SecretArn: !Sub arn:aws:secretsmanager:us-west-2:573665728121:secret:WXJTXQk/ETN7dZtaNOnFrnZy0lGrkPCMWHEzs+v2
- Statement:
-Effect: "Allow"
Action:
- "cloudformation:CreateChangeSet"
Resource:
- "arn:aws:cloudformation:us-east-1:258644786104:stack/xyz/*"
- "arn:aws:cloudformation:us-east-1:aws:transform/Serverless-2023-04-14"
Events:
HelloWorld:
Type: Api
Properties:
Path: /{proxy+}
Method: ANY
When I use sam deploy --guided
, I receive the following error.
Error: Failed to create changeset for the stack: xyz, ex: Waiter ChangeSetCreateComplete failed: Waiter encountered a terminal failure state: For expression "Status" we matched expected path: "FAILED" Status: FAILED. Reason: User: arn:aws:iam::258644786104:user/demo is not authorized to perform: cloudformation:CreateChangeSet on resource: arn:aws:cloudformation:us-east-1:aws:transform/Serverless-2023-04-14
Although I have given AdministratorAccess to the demo user.