Error Encountered in W4C4 Capstone Project (Part 1 & 2) Solution

While running the terraform apply command, the following error occurred:
module.extract_job.aws_iam_role_policy.task_role_policy: Creating…
Error: putting IAM Role (Cloud9-de-c4w4a1-glue-role) Policy (de-c4w4a1-glue-role-policy): operation error IAM: PutRolePolicy, https response error StatusCode: 403, RequestID: a39b904c-916d-4743-ab83-986c07d37d44, api error AccessDenied: User: arn:aws:sts::023153730192:assumed-role/VSCodeInstanceRole/i-0b3eee0c1c135efc5 is not authorized to perform: iam:PutRolePolicy on resource: role Cloud9-de-c4w4a1-glue-role because no identity-based policy allows the iam:PutRolePolicy action. The VSCodeInstanceRole is denied the iam:PutRolePolicy permission.

Solution:

To resolve this issue, you’ll need to grant the necessary permissions. You can either:

  1. Add the iam:PutRolePolicy permission to the VSCodeInstanceRole.
  2. Provide access for editing the VSCodeInstanceRole.

In either case, you currently have restrictions preventing these changes. I feel it’s cheating that you plan to not solve this silly bug until the end of the trial period. I’m sure about this; otherwise, you could fix it in a single day when we reported it. Please advise on how to proceed.

Hi @muhammed.arshid, we had an issue regarding the policy for VSCodeInstanceRole that came up recently, we are working on solving this issue quickly in all labs. We deployed the updated C4W4 Capstone Part 1 lab recently, we believe the bug shouldn’t happen again.

Hi, I am also facing the same issue since yesterday. Shall I re-spawn the lab now? My current instance has the exact error:

Hi @srikwit , you should be able to re-launch the lab now. Please let us know if you are still experiencing any issues.

I am getting message “[Your total lab spend of $20.060331 has exceeded the total budget of $20]” for lab in part1. @jessica-dlai

I encountered the same problem with the VSCodeEC2 instance not having the authorization for the iam:PutRolePolicy. In order to complete the lab, I worked around this issue by running the glue jobs manually in the AWS Glue Console.

1 Like

same here.

I encountered another error when I went through part 2:
I can’t call any glue job from VSCode terminal due to [AccessDeniedException].

image

When I ran it in AWS conselo, everything worked fine until I ran the data_quality part:

terraform apply -target=module.data_quality

The terminal shuts down and restarts every time when I get there.

I’m not sure if I’m missing something, so any help would be greatly appreciated!

@Pbot, how have you resolved this problem ?