By using AWS re:Post, you agree to the Terms of Use

AWS IAM is failing with missing permissions that are unrecognized by AWS

0

A developer on our team is trying to view AWS CloudFront caching stats (https://console.aws.amazon.com/cloudfront/v3/home?#/popular_urls and https://console.aws.amazon.com/cloudfront/v3/home?#/cache) and is getting IAM permissions errors saying that he doesn't have cloudfront:GetPopularURLs and cloudfront:ListCacheStatsDataPointSeries permissions. I'm trying to give him access, but these IAM permissions don't exist in the IAM UI (see screenshots below). How can that be? Enter image description here

1 Answers
0

Some actions are not supported in the Visual Editor. But you can get past that by adding those action using the JSON tab or pasting a JSON policy document. A policy like the following works though it would show the error "Unrecognised Actions" in Policy summary

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "cloudfront:ListCacheStatsDataPointSeries",
                "cloudfront:GetPopularURLs",
                "cloudfront:ListDistributions"
            ],
            "Resource": "*"
        }
    ]
}
profile picture
answered 16 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions