Usando AWS re:Post, accetti AWS re:Post Termini di utilizzo
AWS re:Postre:Post

Unable to delete IAM Role

0

I am trying to delete some bunch of IAM Roles based on conditions like LastUsedDate > 90days, LastCreateDate>90 days etc. In this process some IAM Roles could not be deleted because of : "Cannot delete entity, must remove roles from instance profile first". When I try to get "listInstanceProfilesForRole", I dont get Instance Profiles, I am getting an empty array. If so then why am I not able to delete IAM Role. Please suggest.

Argomenti
Sicurezza, identità e conformità
Tag
Gestione identità e accesso AWS
Lingua
English
vsarvotham
posta 2 anni fa2558 visualizzazioni
1 Risposta
0

Hi,

From the question I understand that you are trying to delete an IAM role but are getting an error that states "Cannot delete entity, must remove roles from instance profile first". When you try to run the command “list-instance-profiles-for-role” you do not get any instance profiles in the output.

After testing in my account I was not able to replicate this issue. When running the command “list-instance-profiles-for-role” I was able to find the instance profile associated to the IAM role. I then ran the command “remove-role-from-instance-profile” and once that was completed I ran the “delete-role” command with no errors. In order to better troubleshoot this issue I would recommend creating a support case with IAM and providing the specific role name that is experiencing the issue.

I hope you have a great rest of your day!

AWS
TECNICO DI SUPPORTO
Patrick_V
con risposta 2 anni fa

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande

Contenuto pertinente