1. CircleCI Support Center
  2. CircleCI on-premise solutions - Server & Runner
  3. Troubleshooting CircleCI Server

How to resolve AWS AssumeRole error

Avatar
Chungjung

Overview

You can see the error like below, which says it failed because of missing the IAM role.

[ERROR]: These AWS credentials are not authorized to assume the necessary IAM role.

[REASON]: error assuming 'arn:aws:iam::0123456789:role/tokengen-role-spoke-user' role in account 0123456789: operation error STS: AssumeRole, get identity: get credentials: failed to refresh cached credentials, operation error STS: AssumeRole, get identity: get credentials: failed to refresh cached credentials, no EC2 IMDS role found, operation error ec2imds: GetMetadata, http response error StatusCode: 404, request to EC2 IMDS failed [cmd_token.go:91 main.cmdToken.func2]

Exited with code exit status 1

 

Solution

You need to edit CircleCI configmap present in the circleci-server namespace, e.g. machine-provisioner-configmap.

Please add a line related to the assumed role ARN under the EC2 section like below.

assumed_role_arn: "arn:aws:iam::1234567890:instance-profile/circleci-server-nomad-profile"
Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.

Articles in this section

See more