Questions tagged [aws-iam-policy]

98 questions
0 votes, 0 answers

Error: error updating Lambda Event Source Mapping InvalidParameterValueException: Please add Lambda as a Trusted Entity

Error: error updating Lambda Event Source Mapping (98nsf70d-8754-49df-bcf1-a815d89v65ef): InvalidParameterValueException: Please add Lambda as a Trusted Entity for…
0 votes, 0 answers

How to use Okta username in IAM policy?

I am using Federated Identity with Okta being the IDP. I would like to add an Identity based policy which provides access to resources which are tagged with the user's Okta username. For each resource, I want to set the tag username and give it a…
Yash
0 votes, 2 answers

AWS IAM policy for Event-Bridge to SQS with deny

I want to restrict my sqs to accept only from event-bridge rule, below IAM rule looks correct with deny in place, but sqs not receiving message with this, any input appreciated. { "Id": "Policy", "Version": "2012-10-17", "Statement": [ { …
0 votes, 0 answers

What is "document" in AWS policy json

I was going through one of the beginners course for lambda, when I came across this Execution Role json policy { "roleName": "lambda_role", "policies": [ { "document": { "version": "2012-10-17", "statement": [ . . …
0 votes, 0 answers

How to updated the create and update aws policy in AWS using boto3

I want to create/update the aws policy using boto3 region= request.POST['env'] session = get_boto3_session(env=env) client = session.client('iam', region_name=region) service_name = request.POST['service_name'] service_value =…
0 votes, 1 answer

IAM policy to allow MWAA to use built in AWS KMS key specifies key as "NotResource" to work correctly

I'm having a little trouble getting my head around some IAM policy syntax to do with MWAA and KMS, and was wondering if anyone may be able to help me understand please. From this…
Scott
0 votes, 1 answer

IAM Policy to only allowing viewing and editing EC2 instances by group

I am trying to create an IAM User Group with a policy so that these users can only view and edit EC2 instances with a specific tag associated. I was able to create the IAM policy; however, all EC2 instances are being listed (don't want this) when I log…
0 votes, 0 answers

Cross account SQS - Lambda setup throws error execution role does not have permissions to call receiveMessage on SQS

I am trying to set up cross-account communication from an SQS queue to a Lambda function. Both these resources are in the eu-central-1 region but in 2 different AWS accounts. My setup is below: AccountA has the Lambda function, AccountB has the SQS queue. I…
0 votes, 1 answer

AWS SFTP Transfer Family - Session policies

I have set up an AWS SFTP server with a custom API Gateway identity provider. The user is created as SFTP/username in Secrets Manager with the following key, value pairs - Password: Role: // roleARN policy is as…
0 votes, 1 answer

IAM Policy not working when condition block is added

I'm experiencing a strange issue regarding IAM policy! I want to limit RDS access to specific IAM roles for different environments, the policy works fine until I add conditions!! "Statement": [ { "Action": "rds:*", …
0 votes, 1 answer

Delete AWS IAM user that has a certain tag only, using Cloudformation (Condition)

I am trying to allow IAM users (OperationsAdmin) within a certain group (OperationsAdmin group) the ability to delete users that have a certain tag (a tag that specifies that admin created the user). Is this something that is possible to do within…
Gene Smith
0 votes, 0 answers

Error reading new Lambda permissions: AccessDeniedException in GitHub Action

I am deploying the AWS resources using GitHub Actions and I am using terraform to create resources. I have given the required Assume and IAM policy to the GitHub repo to deploy the resources. One of my use cases is, that I need a cloud watch event…
Ganesan C
0 votes, 0 answers

not able to update trust policy for a role

I am trying to create featureGroup using sagemaker API in ec2 instance. got below error while running python script which creates featureGroup. botocore.exceptions.ClientError: An error occurred (ValidationException) when calling the…
ashwini
0 votes, 1 answer

Connect to RDS using IAM result password error

Hello, I have created an RDS on AWS, and created a policy with this permission based on this link { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "rds-db:connect" ], …
0 votes, 1 answer

How to create an IAM user with full access except for admin

I want to add an IAM user to AWS with all permissions policies except for the ability to see billing and close account or change any information they don't need, that the root user has. What policies should I add to this new group that the IAM user…