Search code examples
ruby-on-railsamazon-s3github-actionsamazon-elastic-beanstalkworkflow

Beanstalk deploy fails when it tries to save version to S3 with Github actions


Deploy fails and stops immediately with a blank error message:

Uploading file to bucket elasticbeanstalk-us-east-1-333 Error: Deployment failed: Error: Status: 403. Message:

My einaregilsson/beanstalk-deploy@v22 parameters are:

        Application: 3-2-dev
         Environment: A3-2-dev
       Version Label: 28b8ae6f806a070eadbc377573764382f5550335
 Version description: test
          AWS Region: us-east-1
                File: deploy.zip
Existing bucket Name: elasticbeanstalk-us-east-1-333
      AWS Access Key: ***
      AWS Secret Key: ***
 Wait for deployment: true
  Recovery wait time: 30

This problem is present now in 2 different projects living in 2 different environments of elastic-beanstalk, deploys crashing the same way on both.

I'm checking out environment logs but the error is not present in the eb-engine.log

I've tried several things:

  • Combinations with the aws secrets just to ensure that aws is responding with the "wrong credentials" ERROR.
  • Changing the einaregilsson/beanstalk-deploy version to a newer since we had it on the 11th version.
  • Setting version label and verison description to a hardcode and simple number

I'm guessing it will have something to do with the AWS user's policies or permissions but at the moment I'm not the account owner so I need to convince the boss to add or delete some of them for example:

  1. AWSCompromisedKeyQuarantineV2
  2. AWSElasticBeanstalkWebTier
  3. AWSElasticBeanstalkManagedUpdatesCustomerRolePolicy

Solution

  • We got it working again 🤙🏻 It was the AWSCompromisedKeyQuarantineV2 and worked by disabling it.

    Not being the Aws user administrator is a real headache. I had to convince the admin and the PM to give it a try. Maybe I should convince them to give me full access to the account. Anyway, I'll investigate if someone activated the policy or if it just got an automated update.