[英]Add a IAM role that is service linked role
我正在尝试创建一个 CFN 来启动连接到 ECR 的 ECS 和顶部的负载均衡器。 但现在我得到这个错误:
Resource handler returned message: "Invalid request provided: CreateService error: You cannot specify an IAM role for services that require a service linked role. (Service: AmazonECS; Status Code: 400; Error Code: InvalidParameterException; Request ID: b8a77e87-5715-4d43-b58f-a0843dbee15e; Proxy: null)" (RequestToken: c19a676b-893b-8369-a9b5-75c792c18bd0, HandlerErrorCode: InvalidRequest)
我在事件中失败的服务块是这样的。
service:
Type: AWS::ECS::Service
DependsOn: ALBListenerHttps
Properties:
Cluster: !Ref 'ECSCluster'
DesiredCount: '1'
LaunchType: FARGATE
LoadBalancers:
- ContainerName: !Sub ${Environment}-${Name}
ContainerPort: '3000'
TargetGroupArn: !Ref 'ECSTG'
Role: 'arn:aws:iam::{My was id}:role/aws-service-role/ecs.amazonaws.com/AWSServiceRoleForECS'
TaskDefinition: !Ref 'taskdefinition'
NetworkConfiguration:
AwsvpcConfiguration:
AssignPublicIp: 'ENABLED'
Subnets: !Ref 'SubnetId'
如果您有NetworkConfiguration
,则不能使用Role
。 所以删除你的Role
。 来自文档:
仅当您在服务中使用负载均衡器并且您的任务定义不使用 awsvpc .network 模式时才允许使用此参数。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.