Need Help. Trying to create Windows EC2 with Java installed using below template. However, I get 403 when artifacts are being copied from my Private S3 Bucket. Role to Access S3 and EC2 instance are created fine. What could be the issue?
Resources:
EC2S3Role:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Statement:
- Action: 'sts:AssumeRole'
Principal:
Service: ec2.amazonaws.com
Effect: Allow
Sid: ''
Policies:
- PolicyDocument:
Version: 2012-10-17
Statement:
- Action:
- 's3:GetObject'
Resource: "arn:aws:s3:::windowsartifcats"
Effect: Allow
PolicyName: AuthenticatedS3GetObjects
EC2S3InstanceProfile:
Type: AWS::IAM::InstanceProfile
Properties:
Path: /
Roles:
- !Ref EC2S3Role
JavaSeleniumEC2Instance:
Type: "AWS::EC2::Instance"
Properties:
KeyName: "windowskeypair"
ImageId: ami-0229f7666f517b31e
InstanceType: "t2.micro"
SecurityGroups:
- "windows"
IamInstanceProfile: !Ref EC2S3InstanceProfile
UserData:
Fn::Base64: !Join
- ""
- - "<script> cfn-init.exe -v -s "
- !Ref "AWS::StackId"
- " -r JavaSeleniumEC2Instance --region "
- !Ref "AWS::Region"
- "</script>"
Metadata:
AWS::CloudFormation::Authentication:
S3AccessCreds:
Type: "S3"
buckets:
- "windowsartifcats"
roleName:
!Ref EC2S3Role
AWS::CloudFormation::Init:
config:
files:
"c:\\Install-Java-JDK.ps1":
content: !Join
- ''
- - 'Set-Location C:\\;'
- '.\\jdk-11.0.9_windows-x64_bin.exe /s'
"c:\\jdk-11.0.9_windows-x64_bin.exe":
source: "https://windowsartifcats.s3.us-east-1.amazonaws.com/jdk-11.0.9_windows-x64_bin.exe"
"c:\\IEDriverServer.exe":
source: "https://windowsartifcats.s3.us-east-1.amazonaws.com/IEDriverServer.exe"
commands:
"JavaInstall":
command: "powershell.exe -ExecutionPolicy RemoteSigned -Command c:\\Install-Java-JDK.ps1"
waitAfterCompletion: '180'
Logs from C:\cfn\log.cfn-init:
2020-12-21 06:28:15,608 [ERROR] Error encountered during build of config: Failed to retrieve https://windowsartifcats.s3.us-east-1.amazonaws.com/IEDriverServer.exe: HTTP Error 403
