-
Bug
-
Resolution: Unresolved
-
Minor
-
Jenkins version: 1.642.2, plugin version:1.2 (archives) . I use the docker hub to install Jenkins.
I want to add a new cloud and and a new slave template. I use the same iam policy showed in the documentation. And I chose the name of the ECS Cluster to "default". when I created a slave template and click save, it showed the JAVA error " Caused by: com.amazonaws.AmazonServiceException: User: arn:aws:iam::040653710277:user/ecs-jenkinsbot is not authorized to perform: ecs:RegisterTaskDefinition on resource: * (Service: AmazonECS; Status Code: 400; Error Code: AccessDeniedException; Request ID: 8b5a6f59-efa5-11e5-bf1e-5fbd8a5dcc6b)]". After I changed the IAM role, problem solved. However, I just want jenkins to ONLY have permissions to register task in my cluster default. So what shall I do?
I had the same issue. This is a mistake in the documentation.
You should add the following resources in your AWS policy:
"arn:aws:ecs:<region>:<account-id>:task-definition/jenkins-slave:*"
I found this by connecting to my instance and using aws ecs commands