modernisation-platform icon indicating copy to clipboard operation
modernisation-platform copied to clipboard

Published 20 hours ago verified publisher icon ministryofjustice

Redeploy after nuke fails

Open gfou-al opened this issue 2 years ago • 1 comments

The Redeploy after nuke GitHub action fails with the following error (https://github.com/ministryofjustice/modernisation-platform-environments/actions/runs/3214067978/jobs/5254188217):

Terraform has been successfully initialized!
Switched to workspace "sprinkler-development".

Error: error configuring Terraform AWS Provider: IAM Role (arn:aws:iam::946070829339:role/MemberInfrastructureAccess) cannot be assumed.

There are a number of possible causes of this - the most common are:
  * The credentials used in order to assume the role are invalid
  * The credentials do not have appropriate permission to assume the role
  * The role ARN is not valid

Error: operation error STS: AssumeRole, https response error StatusCode: 403, RequestID: f987bd80-e7fc-42ab-a276-d1b831669e21, api error AccessDenied: User: arn:aws:iam::946070829339:user/member-ci is not authorized to perform: sts:AssumeRole on resource: arn:aws:iam::946070829339:role/MemberInfrastructureAccess


  with provider["registry.terraform.io/hashicorp/aws"],
  on providers.tf line 8, in provider "aws":
   8: provider "aws" {

gfou-al avatar Oct 10 '22 09:10 gfou-al

https://github.com/ministryofjustice/modernisation-platform-environments/pull/975

A quick fix to allow the workflow to run with OIDC.

More rework to follow in the next sprint.

julialawrence avatar Oct 14 '22 08:10 julialawrence

https://github.com/ministryofjustice/modernisation-platform-environments/actions/runs/3259403389/jobs/5352197460

Redeploy after Nuke succeeded.

julialawrence avatar Oct 17 '22 06:10 julialawrence