Last active
June 4, 2023 20:36
-
-
Save andresgutgon/c5f67487101c8e0909c8a48fd5cd4502 to your computer and use it in GitHub Desktop.
SST using aws SSO
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Running | |
| AWS_PROFILE=<MY_USERNAME_PROFILE> pnpm sst dev | |
| // I get this error | |
| Errors | |
| Site UPDATE_FAILED | |
| stack: User: arn:aws:sts::<AWS_ACOUNT_ID>:assumed-role/AWSReservedSSO_sst-stack_<SOME_HASH>/<MY_USERNAME_PROFILE> | |
| is not authorized to perform: cloudformation:DescribeStacks | |
| on resource: arn:aws:cloudformation:us-east-1:<AWS_ACOUNT_ID>:stack/<MY_USERNAME_PROFILE>-local-app-Site/* | |
| because no identity-based policy allows the cloudformation:DescribeStacks action |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Sid": "VisualEditor0", | |
| "Effect": "Allow", | |
| "Action": [ | |
| "cloudformation:DescribeStackEvents", | |
| "cloudformation:GetTemplate", | |
| "cloudformation:DeleteStack", | |
| "cloudformation:DescribeStackResources", | |
| "cloudformation:ListStacks", | |
| "cloudformation:DescribeStacks" | |
| ], | |
| "Resource": "arn:aws:cloudformation:us-east-1:<AWS_ACOUNT_ID>:stack/*", | |
| "Condition": { | |
| "Null": { | |
| "aws:ResourceTag/sst:app": "false" | |
| } | |
| } | |
| }, | |
| ... | |
| ] | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment