0

i have added permission in my event bus as

{
"Version": "2012-10-17",
"Statement": [{
"Sid": "allow_account_to_put_events",
"Effect": "Allow",
"Principal": {
  "AWS": "arn:aws:iam::406342097594:root"
},
"Action": "events:PutEvents",
"Resource": "arn:aws:events:us-east-2:406342097594:event-bus/default"
}, {
"Sid": "allow_account_to_manage_rules_they_created",
"Effect": "Allow",
"Principal": {
  "AWS": "arn:aws:iam::406342097594:root"
},
"Action": ["events:PutRule", "events:PutTargets", "events:DeleteRule", 
"events:RemoveTargets", "events:DisableRule", "events:EnableRule", 
"events:TagResource", "events:UntagResource", "events:DescribeRule", 
"events:ListTargetsByRule", "events:ListTagsForResource"],
"Resource": "arn:aws:events:us-east-2:406342097594:rule/default",
"Condition": {
  "StringEqualsIfExists": {
    "events:creatorAccount": "406342097594"
  }
}
}]
}

getting error as below

INFO AccessDeniedException: User: arn:aws:sts::406342097594:assumed-role/SDL-role-kz8ds7y3/SDL-Connector is not authorized to perform: events:EnableRule on resource: arn:aws:events:us-east-2:406342097594:rule/SDL-Connector because no identity-based policy allows the events:EnableRule action

pawan007
  • 43
  • 6
  • 1
    Like the error says, the role you've assumed doesn't have permission to perform that action. Update the policy to allow it – erik258 Jan 05 '22 at 19:57
  • @DanielFarrell i have updated the policy in event bus but still not able to perform the action. – pawan007 Jan 06 '22 at 05:24
  • The error specifies a role you're using that is missing the permission . You ned to ad the permision to *that* role, not some other role. – erik258 Jan 06 '22 at 19:49

1 Answers1

0

In my role i added the inline policy and copied the AmazonEventBridgeFullAccess policy role json from https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-use-identity-based.html and it worked.

pawan007
  • 43
  • 6
  • Your answer could be improved with additional supporting information. Please [edit] to add further details, such as citations or documentation, so that others can confirm that your answer is correct. You can find more information on how to write good answers [in the help center](/help/how-to-answer). – Community Jan 07 '22 at 10:33