wordpress清理无用缩略图,seo软件下载,网站建设教程 零基础,wordpress 书背景
最近用一个terraform asg模块部署asg时一直报错 Error: Termination Reason: Client.InternalError: Client error on launch 搜索资料发现和KMS下面的asg 对应的policy有关系.
解决方法
在AWS界面找到KMS, 然后找到customer managed key导航栏, 最后找到对应AMI加密用…背景
最近用一个terraform asg模块部署asg时一直报错 Error: Termination Reason: Client.InternalError: Client error on launch 搜索资料发现和KMS下面的asg 对应的policy有关系.
解决方法
在AWS界面找到KMS, 然后找到customer managed key导航栏, 最后找到对应AMI加密用的key修改其key policy即可, 需要在key policy中添加AWSServiceRoleForAutoScaling的policy. 如下, 注意需要把AWS Account Number 替换成自己的aws账号:
{Sid: Allow use of the key,Effect: Allow,Principal: {AWS: [arn:aws:iam::AWS Account Number:role/aws-service-role/autoscaling.amazonaws.com/AWSServiceRoleForAutoScaling]},Action: [kms:Encrypt,kms:Decrypt,kms:ReEncrypt*,kms:GenerateDataKey*,kms:DescribeKey],Resource: *},{Sid: Allow attachment of persistent resources,Effect: Allow,Principal: {AWS: [arn:aws:iam::AWS Account Number:role/aws-service-role/autoscaling.amazonaws.com/AWSServiceRoleForAutoScaling]},Action: [kms:CreateGrant,kms:ListGrants,kms:RevokeGrant],Resource: *,Condition: {Bool: {kms:GrantIsForAWSResource: true}}}参考
Termination Reason: Client.InternalError: Client error on launch
