not authorized to perform this action
Posted: Thu Nov 26, 2015 7:51 pm
Hello,
I have created following policy for the IAM user, however despite having all permissions I am getting Exception: You are not authorized to perform this operation.
If I give full EC2 permission it does create the snapshot, however I see the only difference is in Tags section, rest it does show the snapshot even in other case, which certainly I cant give, so any recommendations. I have m3.large AWS EC2 instance so please provide your comments.
{
“Version”: “2012-10-17”,
“Statement”: [
{
“Sid”: “Stmt1444061802000”,
“Effect”: “Allow”,
“Action”: [
“ec2:DescribeInstances”,
“ec2:DescribeVolumes”,
“ec2:StartInstances”,
“ec2:StopInstances”,
“ec2:CreateSnapshot”,
“ec2:DeleteSnapshot”,
“ec2:DescribeSnapshots”,
“ec2:CreateTags”,
“ec2:RunInstances”,
“ec2:DescribeKeyPairs”,
“ec2:DescribeImages”,
“ec2:DescribeTags”,
“rds:DescribeDBInstances”,
“rds:CreateDBSnapshot”,
“rds:DeleteDBSnapshot”,
“rds:DescribeDBSnapshots”,
“tag:*”
],
“Resource”: [
“*”
]
}
]
}
Shaugun
I have created following policy for the IAM user, however despite having all permissions I am getting Exception: You are not authorized to perform this operation.
If I give full EC2 permission it does create the snapshot, however I see the only difference is in Tags section, rest it does show the snapshot even in other case, which certainly I cant give, so any recommendations. I have m3.large AWS EC2 instance so please provide your comments.
{
“Version”: “2012-10-17”,
“Statement”: [
{
“Sid”: “Stmt1444061802000”,
“Effect”: “Allow”,
“Action”: [
“ec2:DescribeInstances”,
“ec2:DescribeVolumes”,
“ec2:StartInstances”,
“ec2:StopInstances”,
“ec2:CreateSnapshot”,
“ec2:DeleteSnapshot”,
“ec2:DescribeSnapshots”,
“ec2:CreateTags”,
“ec2:RunInstances”,
“ec2:DescribeKeyPairs”,
“ec2:DescribeImages”,
“ec2:DescribeTags”,
“rds:DescribeDBInstances”,
“rds:CreateDBSnapshot”,
“rds:DeleteDBSnapshot”,
“rds:DescribeDBSnapshots”,
“tag:*”
],
“Resource”: [
“*”
]
}
]
}
Shaugun