I am using AWS Code Pipeline to perform deployment, I manage to perform the deployment by using only CodeBuild, but when I changed it to S3 source, deployment always fails with error message:-Waiting for DOWNLOAD_SOURCE
My CodeBuild project is created from the CodePipeline as pointed out by others. I have also assigned it full access to my S3 out of desperation. But still to no avail.
My CodeBuild project service role policy is as below:-
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"logs:CreateLogStream",
"s3:*",
"logs:PutLogEvents"
],
"Resource": [
"arn:aws:s3:::codepipeline-ap-southeast-1-625xxxxxxx/*",
"arn:aws:s3:::codepipeline-ap-southeast-1-625xxxxxxx/octen_frontend_prod/SourceArti/*",
"arn:aws:logs:ap-southeast-1:57313xxxxxxx:log-group:/aws/codebuild/MyApp",
"arn:aws:logs:ap-southeast-1:57313xxxxxxx:log-group:/aws/codebuild/MyApp:*"
]
},
{
"Sid": "VisualEditor1",
"Effect": "Allow",
"Action": [
"s3:PutAccountPublicAccessBlock",
"s3:GetAccountPublicAccessBlock",
"s3:ListAllMyBuckets",
"s3:*",
"s3:ListJobs",
"s3:CreateJob",
"s3:HeadBucket"
],
"Resource": "*"
},
{
"Sid": "VisualEditor2",
"Effect": "Allow",
"Action": "logs:CreateLogGroup",
"Resource": [
"arn:aws:logs:ap-southeast-1:5731xxxxxxxx:log-group:/aws/codebuild/MyApp",
"arn:aws:logs:ap-southeast-1:5731xxxxxxxx:log-group:/aws/codebuild/MyApp:*"
]
}
]
}
