本地实例无法注册，因为该请求包括一个已经用于注册实例的IAM用户ARN [英] The on-premises instance could not be registered because the request included an IAM user ARN that has already been used to register an instance

问题描述

在调试

解决方案

即使我删除了用户，创建了一个具有相同名称的用户，然后删除了另一个现有实例，IAM用户ARN仍然相同

  arn:aws:iam :: 525221857828:user/LightSailCodeDeployUser 

要解决此问题，我回到了第4步，并创建了一个具有不同名称的用户.然后，更新了用于创建实例的脚本，检查CodeDeploy代理是否正在运行以及现在是否在AWS CLI中运行

  aws部署register-on-premises-instance --instance-name Amazon_Linux_1 --iam-user-arn arn:aws:iam :: 525221857828:user/GeneralUser --region eu-west-2 

我得到了预期的结果

While debugging this question, I went on and

1. In IAM console at https://console.aws.amazon.com/iam/

   1.1. Deleted one role (CodeDeployServiceRole).

   1.2. Created a service role.

2. In S3 console at https://console.aws.amazon.com/s3/

   2.1. Emptied and deleted one bucket (tiagocodedeploylightsailbucket).

   2.2. Created a new bucket in EU London (eu-west-2).

3. Back into the IAM console at https://console.aws.amazon.com/iam/

   3.1. Deleted one policy (CodeDeployS3BucketPolicy).

   3.2. Created a new policy.

4. Stay in the IAM console at https://console.aws.amazon.com/iam/

   4.1. Delete one user (LightSailCodeDeployUser)

   4.2. Created a new user (with that same name).

5. Navigate to the Lightsail home page at https://lightsail.aws.amazon.com/

   5.1. Deleted previous instance (codedeploy).

   5.2. Created one new instance with Amazon Linux (Amazon_Linux_1) (Note that if I use Amazon Linux 2 then would reach this problem),

using the script

mkdir /etc/codedeploy-agent/

mkdir /etc/codedeploy-agent/conf

cat <<EOT >> /etc/codedeploy-agent/conf/codedeploy.onpremises.yml

---

aws_access_key_id: ACCESS_KEY

aws_secret_access_key: SECRET_KEY

iam_user_arn: arn:aws:iam::525221857828:user/LightSailCodeDeployUser

region: eu-west-2

EOT

wget https://aws-codedeploy-us-west-2.s3.us-west-2.amazonaws.com/latest/install

chmod +x ./install

sudo ./install auto

Checked that CodeDeploy agent is running and then when running the following command in AWS CLI

aws deploy register-on-premises-instance --instance-name Amazon_Linux_1 --iam-user-arn arn:aws:iam::525221857828:user/LightSailCodeDeployUser --region eu-west-2

I get

An error occurred (IamUserArnAlreadyRegisteredException) when calling the RegisterOnPremisesInstance operation: The on-premises instance could not be registered because the request included an IAM user ARN that has already been used to register an instance. Include either a different IAM user ARN or IAM session ARN in the request, and then try again.

解决方案

Even though I deleted the user, created one with the same name and then deleted the other existing instance, the IAM User ARN is still the same

arn:aws:iam::525221857828:user/LightSailCodeDeployUser

To fix it, I've gone back to step 4 and created a user with a different name; then, updated the script for the instance creation, checked if the CodeDeploy agent is running and now when running in AWS CLI

aws deploy register-on-premises-instance --instance-name Amazon_Linux_1 --iam-user-arn arn:aws:iam::525221857828:user/GeneralUser --region eu-west-2

I get the expected result

这篇关于本地实例无法注册，因为该请求包括一个已经用于注册实例的IAM用户ARN的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！