Question:
I have a C# Web API Elastic Beanstalk app which needs a folder outside the deployment directory that the IUSER and IIS_USERS users can write to. I’ve created a .config file and put this in the top level .ebextensions folder in my project. The contents are below:
|
1 2 3 4 5 6 7 |
commands: 0_mkdir: command: mkdir C:\\AppFolder\\ 1_set_iuser_permissions: command: cacls C:\\AppFolder\\ /t /e /g IUser:f IIS_Users:f |
However while the folder is created successfully the permissions aren’t set. If anyone has any idea what I am doing wrong I would be hugely grateful. Big thanks in advance.
Answer:
In the end I switched to using Json instead of YAML as, despite my YAML being validated by several online YAML testers, AWS still wouldn’t accept it. It always had issues with the parameters passed to icacls. I also changed to a folder within the application App_Data folder as setting permissions on any directory external to the application didn’t appear to work. So, my final configuration file is as follows:
|
1 2 3 4 5 6 7 8 |
{ "container_commands": { "01": { "command": "icacls \"C:/inetpub/wwwroot/AppName_deploy/App_Data/AppFolder\" /grant DefaultAppPool:(OI)(CI)F" } } } |
Hope this helps someone else out.