Skip to content

Instantly share code, notes, and snippets.

@rasheedamir
Last active April 18, 2018 12:05
Show Gist options
  • Save rasheedamir/7e7e3ed098e5b48552b93c4a8fc43edb to your computer and use it in GitHub Desktop.
Save rasheedamir/7e7e3ed098e5b48552b93c4a8fc43edb to your computer and use it in GitHub Desktop.
Jenkinsfile-upload-to-s3
#!/usr/bin/groovy
@Library('github.com/fabric8io/fabric8-pipeline-library@cf54366') _
def kubeConfig = params.KUBE_CONFIG
podTemplate() {
mavenNode(dockerImage: 'docker:1.11.2') {
container(name: 'maven') {
stage("checkout") {
sh "echo version := 1.0.${env.BUILD_ID} >> build.txt"
sh "ls -l"
withAWS(role:'nodes.tools178.yard.com') {
echo 'Hello World'
s3Upload(file:'build.txt', bucket:'847616476486-microfrontends2', path:'file.txt')
}
}
}
}
}
@rasheedamir
Copy link
Author

Exception we are getting:

com.amazonaws.services.securitytoken.model.AWSSecurityTokenServiceException: User: arn:aws:sts::557616476486:assumed-role/nodes.tools178.yard.com/i-03868a9e822ec1300 is not authorized to perform: sts:AssumeRole on resource: arn:aws:iam::557616476486:role/nodes.tools178.yard.com with an explicit deny (Service: AWSSecurityTokenService; Status Code: 403; Error Code: AccessDenied; Request ID: 8492cac0-42fa-11e8-85fa-77aeb753bcb4)

@rasheedamir
Copy link
Author

this is the policy:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "s3:*",
                "route53:*"
            ],
            "Resource": "*"
        },
        {
            "Sid": "VisualEditor1",
            "Effect": "Deny",
            "Action": "*",
            "Resource": "*"
        }
    ]
}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment