Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso
AWS re:Postre:Post

AWS CLI Denied Permission Due to IAM Policy - Policy has all permissions correct. Previously worked fine.

0

I had to update my CLI on a few devices, and I am now unable to access anything pertaining to gamelift's API via an explicit denial. I double checked the permission policy that I assigned to the IAM user, and while it is set to allow full access to resources, it will not work.

Any suggestions or recommendations? I have also tried re-creating the policy via JSON and the visual GUI. I even tried creating a new user to use, and nothing works. I even ended up uninstalling the CLI tool and deleting the configuration and credential files multiple times trying to see if that would fix the issue.

Policy below:

{ "Version": "2012-10-17", "Statement": { "Effect": "Allow", "Action": "gamelift:", "Resource": "" } }

Temas
Seguridad, identidad y cumplimientoGestión y gobiernoTecnología de juegos
Etiquetas
Seguridad, identidad y cumplimientoAWS Command Line InterfaceAmazon GameLiftPolíticas de IAM
Idioma
English
rePost-User-1475035
preguntada hace un año301 visualizaciones
1 Respuesta
0
Respuesta aceptada

You mentioned "explicit denial", and you don't have Deny statements in your IAM principal's policies, right? Then there must be a Deny statement elsewhere. See https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html - it could be in an Organization SCP, Resource policy (though I don't think Gamelift has these) or a Permissions Boundary.

EXPERTO
skinsman
respondido hace un año
  • rePost-User-1475035
    hace un año

    It looks like the culprit was a group policy that I created which forces the user to authenticate with MFA; otherwise, they do not have access to anything. I'm assuming there is a way to add MFA within the local AWS CLI? --EDIT-- Solved. Just had to grab the session token.

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas

Contenido relevante