Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

AWS CLI Denied Permission Due to IAM Policy - Policy has all permissions correct. Previously worked fine.

0

I had to update my CLI on a few devices, and I am now unable to access anything pertaining to gamelift's API via an explicit denial. I double checked the permission policy that I assigned to the IAM user, and while it is set to allow full access to resources, it will not work.

Any suggestions or recommendations? I have also tried re-creating the policy via JSON and the visual GUI. I even tried creating a new user to use, and nothing works. I even ended up uninstalling the CLI tool and deleting the configuration and credential files multiple times trying to see if that would fix the issue.

Policy below:

{ "Version": "2012-10-17", "Statement": { "Effect": "Allow", "Action": "gamelift:", "Resource": "" } }

Themen
Sicherheit, Identität & KonformitätManagement & UnternehmensführungGaming-Technologie
Tags
Sicherheit, Identität & KonformitätAWS BefehlszeilenschnittstelleAmazon GameLiftIAM-Richtlinien
Sprache
English
rePost-User-1475035
gefragt vor einem Jahr301 Aufrufe
1 Antwort
0
Akzeptierte Antwort

You mentioned "explicit denial", and you don't have Deny statements in your IAM principal's policies, right? Then there must be a Deny statement elsewhere. See https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html - it could be in an Organization SCP, Resource policy (though I don't think Gamelift has these) or a Permissions Boundary.

EXPERTE
skinsman
beantwortet vor einem Jahr
  • rePost-User-1475035
    vor einem Jahr

    It looks like the culprit was a group policy that I created which forces the user to authenticate with MFA; otherwise, they do not have access to anything. I'm assuming there is a way to add MFA within the local AWS CLI? --EDIT-- Solved. Just had to grab the session token.

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt