Difference between revisions of "Iam:CreateRole"
Jump to navigation
Jump to search
(16 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
− | + | {{lc}} | |
− | │ Error: error creating IAM Role (education-eks-Z0u0TjYd20220217012453602100000003): [[AccessDenied]]: User: arn:aws:iam::123456789:user/YOUR_USER | + | │ Error: error creating IAM Role (education-eks-Z0u0TjYd20220217012453602100000003): [[AccessDenied]]: User: arn:aws:iam::123456789:user/YOUR_USER is not authorized to perform: [[iam:CreateRole]] on resource: arn:aws:iam::123456789:role/education-eks-Z0u0TjYd20220217012453602100000003 |
− | |||
│ status code: 403, request id: a98095c0-38b9-44bc-8243-da0a7c87e523 | │ status code: 403, request id: a98095c0-38b9-44bc-8243-da0a7c87e523 | ||
│ | │ | ||
│ with module.eks.aws_iam_role.cluster[0], | │ with module.eks.aws_iam_role.cluster[0], | ||
− | │ on .terraform/modules/eks/main.tf line 128, in resource "aws_iam_role" "cluster": | + | │ on .terraform/modules/eks/main.tf line 128, in resource "[[aws_iam_role]]" "cluster": |
│ 128: resource "aws_iam_role" "cluster" { | │ 128: resource "aws_iam_role" "cluster" { | ||
+ | |||
+ | |||
+ | User: arn:aws:sts::1234567890:[[assumed-role/]]xxxxx is not authorized to perform: iam:CreateRole on resource: arn:aws:iam::1234567890:role/xxxxx [[with an explicit deny in an identity-based policy]] | ||
+ | |||
+ | == Related == | ||
+ | * <code>[[aws iam create-role]]</code> | ||
+ | * <code>[[iam:CreatePolicy]]</code> | ||
+ | * <code>[[iam:CreateServiceLinkedRole]]</code> | ||
== See also == | == See also == | ||
− | * {{Terraform | + | * {{aws_iam_role_resource}} |
+ | * {{Terraform IAM}} | ||
+ | * {{IAM role}} | ||
[[Category:AWS]] | [[Category:AWS]] |
Latest revision as of 16:23, 3 January 2024
│ Error: error creating IAM Role (education-eks-Z0u0TjYd20220217012453602100000003): AccessDenied: User: arn:aws:iam::123456789:user/YOUR_USER is not authorized to perform: iam:CreateRole on resource: arn:aws:iam::123456789:role/education-eks-Z0u0TjYd20220217012453602100000003 │ status code: 403, request id: a98095c0-38b9-44bc-8243-da0a7c87e523 │ │ with module.eks.aws_iam_role.cluster[0], │ on .terraform/modules/eks/main.tf line 128, in resource "aws_iam_role" "cluster": │ 128: resource "aws_iam_role" "cluster" {
User: arn:aws:sts::1234567890:assumed-role/xxxxx is not authorized to perform: iam:CreateRole on resource: arn:aws:iam::1234567890:role/xxxxx with an explicit deny in an identity-based policy
Related[edit]
See also[edit]
aws_iam_role: assume_role_policy, iam:CreateRole
- Terraform IAM: Terraform aws iam resources, Terraform IAM module
- AWS IAM role, AWS service roles, AWS IAM Roles Anywhere: [
list-roles | get-role | create-role | put-role-policy | create-service-linked-role | attach-role-policy | update-role | add-role-to-instance-profile ], aws ec2 describe-iam-instance-profile-associations ]
, IAM roles for EC2 instances,AWSServiceRoleForAutoScaling
Advertising: