1 réponse
- Le plus récent
- Le plus de votes
- La plupart des commentaires
0
You mentioned "explicit denial", and you don't have Deny statements in your IAM principal's policies, right? Then there must be a Deny statement elsewhere. See https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html - it could be in an Organization SCP, Resource policy (though I don't think Gamelift has these) or a Permissions Boundary.
Contenus pertinents
- demandé il y a un an
- demandé il y a un an
- demandé il y a 2 mois
- AWS OFFICIELA mis à jour il y a un an
- AWS OFFICIELA mis à jour il y a 3 mois
- AWS OFFICIELA mis à jour il y a 2 ans
It looks like the culprit was a group policy that I created which forces the user to authenticate with MFA; otherwise, they do not have access to anything. I'm assuming there is a way to add MFA within the local AWS CLI? --EDIT-- Solved. Just had to grab the session token.