An error occurred (AccessDeniedException) when calling the ListPermissionSets operation

Hi, i have created IAM user and attached below policy. AdministratorAccess AWSOrganizationsFullAccess AWSSSOReadOnly also added one inline policy as well for these actions[ "sso:", "sso-directory:","identitystore:*"] but still i am getting below Error: An error occurred (AccessDeniedException) when calling the ListPermissionSets operation: User: arn:aws:iam::account-id:user/test_user is not authorized to perform: sso:ListPermissionSets

can any one please let us know where i should done wrong?

Oleksii Bebych EXPERT
3 days ago
please accept the answer if it was useful

Topics

Security, Identity, & Compliance

Tags

AWS IAM Identity Center

Language

English

sekhar

asked 12 days ago111 views

1 Answer

Newest
Most votes
Most comments

the needed action is "Action": "sso:ListPermissionSets"

you need to replace your "sso:", with "sso:*", or better avoid asterisks "*" and provide a specific action

EXPERT

Oleksii Bebych

answered 12 days ago

EXPERT

Osvaldo Marte

reviewed 8 days ago

sekhar
10 days ago
Thanks, but my questions is even if i provide enough permissions ,still i couldn't list the permission sets.

client = boto3.client('sso-admin') response = client.list_permission_sets( InstanceArn='arn:aws:sso:::instance/ins-*****' ) print(response)
Osvaldo Marte EXPERT
8 days ago
Explicitly allow sso:ListPermissionSets. Adding a specific inline policy for sso:ListPermissionSets should resolve the issue.

Relevant content

AccessDeniedException: An error occurred (AccessDeniedException) when calling the CreateJob operation: This account is not authorized to use this resource.
bidhu
asked 2 months ago
AccessDeniedException: An error occurred (AccessDeniedException) when calling the ListTables operation: Team is not associated to an AWS Account
rePost-User-0309502
asked a year ago
An error occurred (AccessDeniedException) when calling the CreateDiskSnapshot operation
dongdongbh
asked a month ago
AccessDeniedException: An error occurred (AccessDeniedException) when calling the InvokeModelWithResponseStream operation: You don't have access to the model with the specified model ID.
Accepted Answer
rePost-User-2198189
asked a month ago
How do I troubleshoot the error AccessDeniedException when I'm trying to access an Amazon DynamoDB table?
AWS OFFICIALUpdated 2 years ago
How do I resolve the "AccessDeniedException" error when I use the create-group AWS CLI command to create QuickSight groups?
AWS OFFICIALUpdated 2 months ago
How do I resolve the error "An error occurred (TargetNotConnectedException) when calling the ExecuteCommand operation" in Amazon ECS?
AWS OFFICIALUpdated 10 days ago
How do I resolve the QuickSight error "An error occurred (AccessDeniedException)" when I generate an embedded QuickSight dashboard URL for unregistered users?
AWS OFFICIALUpdated a month ago
Generate and Use Context for an Operations Chatbot using Amazon SageMaker, Amazon Bedrock, Python Notebooks, and PowerCLI
EXPERT
Jay Scheponik
published 7 months ago
Using DynamoDB as an Append-Only Database
EXPERT
Leeroy Hannigan
published 7 months ago