Unable to run AWS KMS test in Evergreen due to insufficient permissions for drivers-test-secrets-role

XMLWordPrintableJSON

    • Type: Bug
    • Resolution: Done
    • Priority: Unknown
    • None
    • Component/s: Evergreen Tools
    • None
    • Not Needed

      Summary

      Evergreen CI using arn:aws:iam::857654397073:role/drivers-test-secrets-role does not have permission to use kms:Encrypt for arn:aws:kms:us-east-1:579766882180. Trying this fails with the following error:

      {"__type":"AccessDeniedException","Message":"User: arn:aws:sts::857654397073:assumed-role/drivers-test-secrets-role/1748895100 is not authorized to perform: kms:Encrypt on this resource because the resource does not exist in this Region, no resource-based policies allow access, or a resource-based policy explicitly denies access"}

      Motivation

      Who is the affected end user?

      Drivers that test AWS KMS in evergreen CI

      Is this ticket only for tests?

      Yes

      Acceptance Criteria

      Evergreen CI using arn:aws:iam::857654397073:role/drivers-test-secrets-role needs to be able to perform kms:Encrypt on arn:aws:kms:us-east-1:579766882180.

            Assignee:
            Steve Silvester
            Reporter:
            Preston Vasquez
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: