Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

Unable to delete IAM Role

0

I am trying to delete some bunch of IAM Roles based on conditions like LastUsedDate > 90days, LastCreateDate>90 days etc. In this process some IAM Roles could not be deleted because of : "Cannot delete entity, must remove roles from instance profile first". When I try to get "listInstanceProfilesForRole", I dont get Instance Profiles, I am getting an empty array. If so then why am I not able to delete IAM Role. Please suggest.

Themen
Sicherheit, Identität & Konformität
Tags
AWS Identity and Access Management
Sprache
English
vsarvotham
gefragt vor 2 Jahren2558 Aufrufe
1 Antwort
0

Hi,

From the question I understand that you are trying to delete an IAM role but are getting an error that states "Cannot delete entity, must remove roles from instance profile first". When you try to run the command “list-instance-profiles-for-role” you do not get any instance profiles in the output.

After testing in my account I was not able to replicate this issue. When running the command “list-instance-profiles-for-role” I was able to find the instance profile associated to the IAM role. I then ran the command “remove-role-from-instance-profile” and once that was completed I ran the “delete-role” command with no errors. In order to better troubleshoot this issue I would recommend creating a support case with IAM and providing the specific role name that is experiencing the issue.

I hope you have a great rest of your day!

AWS
SUPPORT-TECHNIKER
Patrick_V
beantwortet vor 2 Jahren

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt