[英]voclabs is not authorized to perform: iam:AttachUserPolicy on resource: user Olivia because no identity-based policy allows the iam:AttachUserPolicy
While performing the Module 8 challenge lab for AWS Academy Solutions Architecting course.在执行 AWS Academy 解决方案架构课程的第 8 单元挑战实验室时。 I received the following error message while performing Task 4 when I go for adding IAMReadOnlyAccess
to Olivia(an imaginary person who acts as Database Admin in this lab):当我 go 将IAMReadOnlyAccess
添加到 Olivia(一个虚构的人,在本实验室中充当数据库管理员)时,我在执行任务 4 时收到以下错误消息:
User: <arn> assumed-role/voclabs/<username> is not authorized to perform: iam:AttachUserPolicy on resource: user Olivia because no identity-based policy allows the iam:AttachUserPolicy action
. User: <arn> assumed-role/voclabs/<username> is not authorized to perform: iam:AttachUserPolicy on resource: user Olivia because no identity-based policy allows the iam:AttachUserPolicy action
。 Here <arn> and <username>
are most probably different for everyone hence I didn't explicitly mention them.这里<arn> and <username>
很可能对每个人来说都是不同的,因此我没有明确提及它们。
I would like to know how can I resolve this error.我想知道如何解决此错误。
I figured out the mistake.我弄清楚了错误。 Students don't have enough access to directly add policies to singular Users
in this lab (as I was trying to do).学生没有足够的访问权限直接向本实验室中的单个Users
添加策略(正如我试图做的那样)。 We have to add policy to User groups
.我们必须向User groups
添加策略。 It worked when I attached the policies directly to DBAdministrators
group (of which Olivia is a member).当我将策略直接附加到DBAdministrators
组(Olivia 是该组的成员)时,它起作用了。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.