Questions tagged [amazon-iam]

AWS Identity and Access Management (IAM) enables you to securely control access to AWS services and resources for your users. Using IAM, you can create and manage AWS users and groups, and use permissions to allow and deny their access to AWS resources.

IAM also enables identity federation between your corporate directory and AWS services. This lets you use existing corporate identities to grant secure access to AWS resources, such as Amazon S3 buckets, without creating new AWS identities for those users.

3730 questions
121
votes
4 answers

Quick way to get AWS Account number from the AWS CLI tools?

Looking for a quick way to pull my account number, I had originally thought of using aws iam get-account-authorization-details --max-items 1 but there are several issues with doing it this way. Is there a way to do this that might not cross account…
ehime
102
votes
7 answers

Proper access policy for Amazon Elastic Search Cluster

I've recently started using the new Amazon Elasticsearch Service and I can't seem to figure out the access policy I need so that I can only access the services from my EC2 instances that have a specific IAM role assigned to them. Here's an example…
101
votes
17 answers

Unable to select Custom SSL Certificate (stored in AWS IAM)

I am going to create a new distribution at CloudFront. Already I have uploaded my SSL certificate at AWS IAM using AWS CLI. That certificate appears in the Custom SSL Certificate dropdown on new distribution page but it is DISABLED. Can someone tell…
theGeekster
98
votes
3 answers

How to convert a private key to an RSA private key?

Let me explain my question first. I bought a certificate from a CA and used the following format to generate the csr and the private key: openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr When I open the server.key file, I…
Silent User
88
votes
7 answers

AccessDeniedException: User is not authorized to perform: lambda:InvokeFunction

I'm trying to invoke a lambda function from node. var aws = require('aws-sdk'); var lambda = new aws.Lambda({ accessKeyId: 'id', secretAccessKey: 'key', region: 'us-west-2' }); lambda.invoke({ FunctionName: 'test1', Payload:…
Arjun Komath
85
votes
20 answers

How can I resolve the error "The security token included in the request is invalid" when running aws iam upload-server-certificate?

I cd into the directory where all the pem/key files are and run the following: aws iam upload-server-certificate --server-certificate-name certificate_name --certificate-body file://webservercertificate.pem --private-key…
Killesk
83
votes
2 answers

Terraform: correct way to attach AWS managed policies to a role?

I want to attach one of the pre-existing AWS managed roles to a policy, here's my current code: resource "aws_iam_role_policy_attachment" "sto-readonly-role-policy-attach" { role = "${aws_iam_role.sto-test-role.name}" policy_arn =…
Shorn
82
votes
2 answers

How long should I wait after applying an AWS IAM policy before it is valid?

I'm adding and removing AWS IAM user policies programmatically, and I'm getting inconsistent results from the application of those policies. For example, this may or may not succeed (I'm using the Java 1.6.6 SDK): Start with a user that can read…
78
votes
2 answers

Difference between AWS Elastic Container Service's (ECS) ExecutionRole and TaskRole

I'm using AWS's CloudFormation, and I recently spent quite a bit of time trying to figure out why the role I had created and attached policies to was not enabling my ECS task to send a message to a Simple Queue Service (SQS) queue. I realized that…
johnklawlor
68
votes
12 answers

User is not authorized to perform: cloudformation:CreateStack

I'm trying out Serverless to create AWS Lambdas and while creating a project using the command serverless project create I'm getting the following error. AccessDenied: User: arn:aws:iam::XXXXXXXXX:user/XXXXXXXXX is not authorized to perform:…
60
votes
6 answers

AWS Lambda: The provided execution role does not have permissions to call DescribeNetworkInterfaces on EC2

Today I have a new AWS Lambda question, and can't find anywhere in Google. I new a Lambda function, there is no question. But when I input any code in this function [e.g. console.log();] and click "Save", an error occurred: "The provided execution…
fisheep
58
votes
2 answers

AWS create role - Has prohibited field

I am trying out a simple example suggested by AWS documentation to create a role using a policy json file http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-service.html And I get the error A client error (MalformedPolicyDocument)…
blueskin
56
votes
1 answer

How to assume an AWS role from another AWS role?

I have two AWS accounts - let's say A and B. In account B, I have a role defined that allows access to another role from account A. Let's call it Role-B { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { …
Prashant
51
votes
3 answers

How do I log in to AWS Console with an IAM user account?

I have created an IAM user account. Now I want to connect with this user to the AWS console. AWS says: For Users who need access to the AWS Management Console, create a password in the Users panel after completing this wizard. I have created one…
Gabriel Petrovay
50
votes
2 answers

AWS lambda invoke not calling another lambda function - Node.js

After giving all the rights to invoke function. My Lambda function is not able to invoke another function. Every time I am getting timeout having 30 seconds timeout issue. It looks like lambda is not able to get another lambda function My lambdas…
Arpit Vaishnav