[英]An error occurred (NotAuthorizedException) when calling the UpdateUserPool operation
An error occurred (NotAuthorizedException) when calling the UpdateUserPool operation: Caller needs to have kms:CreateGrant permission on provided KMS Key调用 UpdateUserPool 操作时发生错误 (NotAuthorizedException):调用方需要对提供的 KMS 密钥具有 kms:CreateGrant 权限
aws cognito-idp update-user-pool --user-pool-id {user_pool_id} --lambda-config "CustomEmailSender={LambdaVersion=V1_0,LambdaArn= lambda-arn },KMSKeyID=key-arn"
There is likely one of two issues going on:可能存在以下两个问题之一:
key-arn
KMS key, but have not assigned kms:CreateGrant
permission to an IAM policy applied to the user/principal running that command.您已将默认 KMS 密钥策略应用于key-arn
KMS 密钥,但尚未向应用于运行该命令的用户/委托人的 IAM 策略分配kms:CreateGrant
权限。kms:CreateGrant
permission for the principal running the command in the KMS key policy for the key-arn
KMS key.您尚未为运行该命令的主体应用kms:CreateGrant
权限,该权限在key-arn
KMS 密钥的 KMS 密钥策略中运行。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.