403 and Permission Errors when Enabling New Services

Issue

Armory has found that some customers enabling new services in Spinnaker may encounter various errors, including 403 access errors, when attempting to execute pipelines or perform other tasks. This issue can usually be related to changes in customer deployments related to policies on minimum access requirements.  

Cause

As general guidance for account role access, the AWS Power User role should be used when granting permissions.  However, customers may find that their internal security policy requires more granularly defined access.