Error calling AssociateAddress- AWS Transfer family

Question

I have tried to create AWS Transfer family in VPC public subnet from console. It failed with below error "Error calling AssociateAddress: You are not authorized to perform this operation". Decoded the message to find that missing it missing permission for ec2:AssociateAddress

Added below policy to the role. Still the error persist while creating server. Can you please help

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Action": "ec2:AssociateAddress",
            "Resource": "arn:aws:ec2:us-east-1:111111:elastic-ip/*",
            "Effect": "Allow"
        }
    ]
}

score 0 · Answer 1 · answered Sep 16 '21 at 07:00

0

AssociateAddress does not only apply to elastic-ip. You should try with:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Action": "ec2:AssociateAddress",
            "Resource": [
               "arn:aws:ec2:us-east-1:111111:elastic-ip/*",
               "arn:aws:ec2:us-east-1:111111:instance/*",
               "arn:aws:ec2:us-east-1:111111:network-interface/*",
             ],
            "Effect": "Allow"
        }
    ]
}

answered Sep 16 '21 at 07:00

Marcin

215,873
14
235
294

It did not help. do we need to tweak something in Trust Relationship ? – sam Sep 16 '21 at 09:17
@sam I don't know. Your question does not provide any information about Trust Relationship. – Marcin Sep 16 '21 at 10:30

Error calling AssociateAddress- AWS Transfer family

1 Answers1