By using AWS re:Post, you agree to the Terms of Use
/Permission denied on AWS Device Farm/

Permission denied on AWS Device Farm

0

Hi, I tried to run ./gradlew deviceFarmUpload but it failed because I am not authorized to perform: devicefarm:ListProjects with an explicit deny in an identity-based policy. I checked with my admin and he stated that I am in a user group which has the AWSDeviceFarmFullAccess policy attached to the group.

arn:aws:iam::aws:policy/AWSDeviceFarmFullAccess { "Version": "2012-10-17", "Statement": [ { "Action": [ "devicefarm:" ], "Effect": "Allow", "Resource": "" } ] }

Can I get help with this issue? Thank you so much.

2 Answers
0

The issue is that an explicit deny in any relevant policy will override any allow that you have (like the policy you included).

You will likely need to ask your admin about what other policies are applied to your user/group/role, as it looks like some other policy is denying the action(s) you want.

answered 20 days ago
0

Hi,

Thanks for reaching out. I just want to echo rowanu's answer here, as mentioned, it's most likely due to another policy attached which has an explicit deny. Please see here for the policy evaluation logic -> https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-denyallow

Please feel free to raise a support case with us if you are unable to find the root cause of this issue. We will be happy to help you.

SUPPORT ENGINEER
answered 20 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions