0

I have an IAM user who has the following privileges:

+AmazonS3FullAccess
+AdministratorAccess
+IAMUserChangePassword
+AmazonAppStreamFullAccess

I have two users in Appstream2:

John Doe
Alec Stain

To delete them, I try this on the command line:

aws appstream delete-user --user-name [\p{L}\h]+ --authentication-type SAML

It returns:

An error occurred (AccessDeniedException) when calling the DeleteUser operation:

The same thing happens if I change the regex part to [\p{L}]+ or [\p{L}\p{M}\p{S}\p{N}\p{P}]+

Why do I get this AccessDeniedException, and how can I delete Appstream2 users anyway?

[In case you wonder whether my credentials might be wrong, the following command works perfectly:

aws s3api create-bucket --bucket test-bucket-989000007 --region us-east-1

response:

{
    "Location": "/test-bucket-989000007"
}

]

3 Answers

3

I saw that there are no clear answers to this topic anywhere.

Here is an example I used and it worked.

aws appstream delete-user --user-name user-email --authentication-type USERPOOL

Enéas
1

The --user-name parameter must be the email address of the user. I think that you cannot use a regular expression in that parameter. The documentation for the appstream delete-user can be found here.

Aleksei Chernenkov
  • It's been a long time. The next day I asked AWS support for help and they resolved the issue. I can't check whether your suggestion works, as I no longer have AppStream active. I really appreciate your answer and expect it works. – Monolord's Knight Jul 22 '20 at 18:33
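
An added example, not part of the original answers: a small shell wrapper illustrating the point above that --user-name takes one literal email address rather than the character-class pattern from the documentation. The function names, the DRY_RUN switch and the sample addresses are assumptions of this example, and the email check is a deliberately conservative ASCII-only one.

```shell
#!/usr/bin/env bash
# Added example; helper names and DRY_RUN are hypothetical, not part of the AWS CLI.

# Conservative ASCII-only email check (an assumption of this example; the
# service may accept more). It rejects the documentation's character-class
# pattern, which is a constraint on the value, not a value to pass.
is_email() {
  printf '%s\n' "$1" | grep -Eq '^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$'
}

# Values the CLI accepts for --authentication-type.
is_auth_type() {
  case "$1" in
    API|SAML|USERPOOL|AWS_AD) return 0 ;;
    *) return 1 ;;
  esac
}

# delete_users AUTH_TYPE EMAIL...
# Prints one line per user and returns the number of rejected or failed users.
# DRY_RUN defaults to 1, so nothing is deleted unless DRY_RUN=0 is set.
delete_users() {
  auth_type=$1; shift
  if ! is_auth_type "$auth_type"; then
    printf 'REJECT auth-type %s\n' "$auth_type"
    return 1
  fi
  failed=0
  for user in "$@"; do
    if ! is_email "$user"; then
      printf 'REJECT %s\n' "$user"
      failed=$((failed + 1))
    elif [ "${DRY_RUN:-1}" = 1 ]; then
      printf 'WOULD RUN aws appstream delete-user --user-name %s --authentication-type %s\n' "$user" "$auth_type"
    elif aws appstream delete-user --user-name "$user" --authentication-type "$auth_type"; then
      printf 'DELETED %s\n' "$user"
    else
      printf 'FAILED %s\n' "$user"
      failed=$((failed + 1))
    fi
  done
  return "$failed"
}

# Constructed sample input: two made-up addresses and the pattern from the question.
delete_users USERPOOL 'john.doe@example.com' 'alec.stain@example.com' '[\p{L}\h]+' || true
```
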
1

For a user in the User Pool, you must use this:

aws appstream delete-user --user-name user[email]@domain.tdl --authentication-type USERPOOL

And for a user with AD or SAML, use this:

aws appstream delete-user user[domain]@domain.tdl [\p{L}\h]+ --authentication-type SAML
Joman68