An error occurred (AccessDeniedException) when calling the ListPermissionSets operation

Hi, i have created IAM user and attached below policy. AdministratorAccess AWSOrganizationsFullAccess AWSSSOReadOnly also added one inline policy as well for these actions[ "sso:", "sso-directory:","identitystore:*"] but still i am getting below Error: An error occurred (AccessDeniedException) when calling the ListPermissionSets operation: User: arn:aws:iam::account-id:user/test_user is not authorized to perform: sso:ListPermissionSets

can any one please let us know where i should done wrong?

Oleksii Bebych 专家
1 个月前
please accept the answer if it was useful

主题

安全、身份和合规性

标签

AWS IAM 身份中心

语言

English

sekhar

已提问 1 个月前442 查看次数

1 回答

最新
投票最多
评论最多

the needed action is "Action": "sso:ListPermissionSets"

you need to replace your "sso:", with "sso:*", or better avoid asterisks "*" and provide a specific action

专家

Oleksii Bebych

已回答 1 个月前

专家

Osvaldo Marte

已审核 1 个月前

sekhar
1 个月前
Thanks, but my questions is even if i provide enough permissions ,still i couldn't list the permission sets.

client = boto3.client('sso-admin') response = client.list_permission_sets( InstanceArn='arn:aws:sso:::instance/ins-*****' ) print(response)
Osvaldo Marte 专家
1 个月前
Explicitly allow sso:ListPermissionSets. Adding a specific inline policy for sso:ListPermissionSets should resolve the issue.

An error occurred (AccessDeniedException) when calling the ListPermissionSets operation

相关内容