voclabs 无权对资源执行:iam:AttachUserPolicy:用户 Olivia,因为没有基于身份的策略允许 iam:AttachUserPolicy
[英]voclabs is not authorized to perform: iam:AttachUserPolicy on resource: user Olivia because no identity-based policy allows the iam:AttachUserPolicy
问题描述
While performing the Module 8 challenge lab for AWS Academy Solutions Architecting course.
在执行 AWS Academy 解决方案架构课程的第 8 单元挑战实验室时。 I received the following error message while performing Task 4 when I go for adding IAMReadOnlyAccess to Olivia(an imaginary person who acts as Database Admin in this lab):当我 go 将IAMReadOnlyAccess添加到 Olivia(一个虚构的人,在本实验室中充当数据库管理员)时,我在执行任务 4 时收到以下错误消息:
User: <arn> assumed-role/voclabs/<username> is not authorized to perform: iam:AttachUserPolicy on resource: user Olivia because no identity-based policy allows the iam:AttachUserPolicy action . User: <arn> assumed-role/voclabs/<username> is not authorized to perform: iam:AttachUserPolicy on resource: user Olivia because no identity-based policy allows the iam:AttachUserPolicy action 。 Here <arn> and <username> are most probably different for everyone hence I didn't explicitly mention them.这里<arn> and <username>很可能对每个人来说都是不同的,因此我没有明确提及它们。
I would like to know how can I resolve this error.我想知道如何解决此错误。
1 个解决方案
解决方案1
0 已采纳 2022-05-02 11:03:52
I figured out the mistake.我弄清楚了错误。 Students don't have enough access to directly add policies to singular Users in this lab (as I was trying to do).学生没有足够的访问权限直接向本实验室中的单个Users添加策略(正如我试图做的那样)。 We have to add policy to User groups .我们必须向User groups添加策略。 It worked when I attached the policies directly to DBAdministrators group (of which Olivia is a member).当我将策略直接附加到DBAdministrators组(Olivia 是该组的成员)时,它起作用了。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.