如何解决使用云形成将文件从 S3 存储桶复制到 EC2 主目录
我正在尝试将文件从 S3 存储桶复制到 EC2 主目录。我使用此 SOF Answer
的帮助编写了一个脚本但是,在我的情况下,脚本正在执行而没有任何错误,但我无法在我的实例中看到文件被复制。 有人能帮我弄清楚我错过了什么吗。
造云脚本:
Properties:
ImageId: !FindInMap [Region2AMI,!Ref 'AWS::Region','AMI']
InstanceType: t2.micro
SecurityGroups:
- !Ref WebserverSecurityGroup
Tags:
- Key: Name
Value: Amazon Linux w/ Nginx included -2
KeyName: !Ref KeyName
UserData:
'Fn::Base64': !Sub |
#!/bin/bash -x
yum update -y aws-cfn-bootstrap
sudo yum install git -y
sudo yum update -y
sudo yum install Nginx -y
sudo service Nginx enable
sudo service Nginx start
mkdir /home/ec2-user/s3-dist
aws s3 cp s3://ai-dashboard-bucket/dist.zip /tmp
unzip -d /home/ec2-user/s3-dist /tmp/dist.zip
/opt/aws/bin/cfn-init -v --stack ${AWS::StackName} --resource EC2Instance --region ${AWS::Region} --configSets InstallAndConfig
编辑:我检查了日志文件,这是我收到的错误。 我检查了日志,发现以下错误
aws s3 同步 s3://ai-dashboard-bucket/dist.zip /home/ec2-user fatal 错误:无法找到凭据
我如何传递凭据?
感谢您的帮助。
解决方法
IAM 实例配置文件似乎无权访问 ai-dashboard-bucket 中的对象。
尝试将 IAM 实例配置文件添加到您的 EC2 实例
Resources:
InstanceRole:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: Allow
Principal:
Service:
- ec2.amazonaws.com
Action:
- 'sts:AssumeRole'
Policies:
- PolicyName: root
PolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: Allow
Action: 's3:Get*'
Resource: !Sub 'arn:${AWS::Partition}:s3:::ai-dashboard-bucket/*'
InstanceProfile:
Type: AWS::IAM::InstanceProfile
Properties:
Roles:
- !Ref InstanceRole
Ec2Instance:
Type: AWS::EC2::Instance
Properties:
ImageId: !FindInMap [Region2AMI,!Ref 'AWS::Region','AMI']
InstanceType: t2.micro
IamInstanceProfile: !GetAtt InstanceRole.Arn # Using the role created above
SecurityGroups:
- !Ref WebserverSecurityGroup
Tags:
- Key: Name
Value: Amazon Linux w/ nginx included -2
KeyName: !Ref KeyName
UserData:
'Fn::Base64': !Sub |
#!/bin/bash -x
yum update -y aws-cfn-bootstrap
sudo yum install git -y
sudo yum update -y
sudo yum install nginx -y
sudo service nginx enable
sudo service nginx start
mkdir /home/ec2-user/s3-dist
aws s3 cp s3://ai-dashboard-bucket/dist.zip /tmp
unzip -d /home/ec2-user/s3-dist /tmp/dist.zip
/opt/aws/bin/cfn-init -v --stack ${AWS::StackName} --resource EC2Instance --region ${AWS::Region} --configSets InstallAndConfig
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。
