Calling Get-EC2Instance from EC2 instance and getting
Get-EC2Instance : You are not authorized to perform this operation.
Which IAM action do I need to add to my policy?
Asked
Active
Viewed 837 times
5
-
1Looks like it probably uses `ec2:DescribeInstances`. – ceejayoz Jul 30 '15 at 13:09
-
I tried `ec2:Describe*` to no avail. I've ended up using `ec2:*` as a sledgehammer which works but I'm not comfortable with it – jaywayco Jul 30 '15 at 20:03
1 Answers
0
I also faced the same Unauthorized issue with Get-EC2Instance in PowerShell. To get this to work, attach the permissions below to your role policy. Looks like the DescribeNetworkInterfaces permission is required in addition to DescribeInstances.
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"ec2:DescribeInstances",
"ec2:DescribeNetworkInterfaces"
],
"Resource": "*"
}
]
}
fission
- 3,601
- 2
- 21
- 31
