AWS re:Post을(를) 사용하면 다음에 동의하게 됩니다. AWS re:Post 이용 약관
AWS re:Postre:Post

Why can't I see the permissions attached to a user in IAM?

0

When I set up the users on my account I used this link https://awspolicygen.s3.amazonaws.com/policygen.html to generate the json giving them the specific access rights to the specific services and resources I wanted, and I copied and pasted that into something in the set up.

I know that after that initial set up, I then went back to users in IAM and was able to alter the json to further expand or limit their permissions.

The problem is now I can't find my way back to that. When I look at my users in IAM, under 'Permissions' they have in the 'Permissions Policies' section it says "No resources to display". The users also do not belong to any groups. So my questions are:

  1. Why can't I see the permissions a user has?
  2. Why does it look like my users have 0 permissions?
  3. Where is the json that I initially generated and then later edited to set their permissions?
  • Ben
    10달 전

    I'm an idiot. The permissions were attached to the resources, not the users. But that feels counterintuitive that a user can have permission to access stuff but you can't see what resources a user has access to in IAM.

주제
보안, 신원 및 규정 준수
태그
AWS 자격 증명 및 액세스 관리IAM 정책
언어
English
Ben
질문됨 10달 전349회 조회
1개 답변
0

Hi, the policy generator that you used is a helper to create json with proper syntax but it doesn't create them in IAM. You have to do it yourself by copying and pasting the generated policies to the AWS IAM console of your accounts after you chose which users to attribute those policies to.

The documentation on how to change permissions of a given user: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_change-permissions.html

Hope it helps

Didier

profile pictureAWS
전문가
Didier_Durand
답변함 10달 전
profile picture
전문가
JimmyDqv
검토됨 10달 전
  • Ben
    10달 전

    I know it doesn't create them, I did the copy and paste and set the users up right. The users have the access I gave them. For example they can put the right kinds of file in the right folders in the right S3 buckets. The problem is that I can't find my way back to see what permissions the user has. When I look at the user in IAM, it looks like they have no permissions. I can't find where the permissions I previously defined for them are.

로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.

좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.

질문 답변하기에 대한 가이드라인

관련 콘텐츠