Configuring AWS S3 Storage policy permissions for Bamboo
プラットフォームについて: Server および Data Center のみ。この記事は、Server および Data Center プラットフォームのアトラシアン製品にのみ適用されます。
Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Fisheye および Crucible は除く
問題
After configuring Amazon S3 artifact storage the job which generates the artifacts successfully uploads the artifacts to S3 but the job which consumes that artifacts displays the error:
Forbidden (Service: Amazon S3; Status Code: 403; Error Code: 403 Forbidden; Request ID: B5872XXXXXXXXXXD)
原因
AWS credentials used for Elastic Bamboo configuration require S3 permissions in Amazon S3.
ソリューション
Add or modify policies in your AWS management console by following this example of a Bamboo IAM account policy configuration:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmt1434671502112",
"Action": [
"s3:DeleteObject",
"s3:DeleteObjectVersion",
"s3:GetBucketLocation",
"s3:GetObject",
"s3:GetObjectAcl",
"s3:GetObjectVersion",
"s3:GetObjectVersionAcl",
"s3:ListBucket",
"s3:PutObject",
"s3:PutObjectAcl",
"s3:PutObjectVersionAcl"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::atlassian-net-bamboo-artifacts"
}
]
}
using AWS Policy Generator