The premise is this; I want groups that give permissions to Actions, and groups that permissions to AWS resources. By adding users to multiple groups, I should be able to control permissions to resources per user. However, when implementing the…
I'm trying to invoke Entity Resolution APIs IAM User Details: IAM User: user1 Policy Name: AssumeRolePolicy I generated Access key and secret for user1 and using those in my spring boot application. Policy Attached to user1 (AssumeRolePolicy): { "Version": "2012-10-17",…
I have few files in an ec2 machine of Account A. I would like to copy these files to a s3 bucket in Account B with User A. Could you please guide me with the necessary IAM policy or the…
I'm currently trying to figure something out. I have 2 AWS Accounts. Account A has a bucket called my_awesome_files. Account B has users, that would like to be able to see those documents in my_awesome_files. I have the following policies…
I'm having trouble getting the IAM role setup to work for a Redshift scheduled query. I created a role redshift-scheduled-query that looks like: { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": [ "events.amazonaws.com", "redshift.amazonaws.com" ] }, "Action":…
I have permission set created in AWS, and I am creating an INLINE policy where I want to give access to a specific bucket . when I am trying below it works fine which is something I don't want, however…
I have an S3 bucket named my.example.com, and within it I have the folder Folder1. I'm confused about why the following policy doesn't let me download files from Folder1. { "Version": "2012-10-17", "Statement": [ { "Sid": "MyPolicy", "Effect": "Allow", "Action":…
I have the following policy, however using these policy users can still create resrouces with this tag, however they just will have all access denied to the resource with this policy. Is there a way to deny EC2 creation based…
What is the relationship between the role my principal is using and the RBAC in k8s? Specifically, when I do kubectl describe -n kube-system configmap/aws-auth I see this role: myAmazonEKSNodeRole as described here. But when I look in the role…
I am trying to run the following code snipet (based on this code here): import boto3, os from dotenv import load_dotenv load_dotenv() AWS_ACCESS_KEY=os.getenv('AWS_ACCESS_KEY') AWS_SECRET_KEY=os.getenv('AWS_SECRET_KEY') translate = boto3.client( service_name='translate', region_name='us-east-1', aws_access_key_id=AWS_ACCESS_KEY, aws_secret_access_key=AWS_SECRET_KEY, ) result = translate.translate_text(Text="Hello, World", SourceLanguageCode="en", TargetLanguageCode="de") print('TranslatedText: '…