You are not authorized to perform this operation. User: arn:aws:iam::654654233405:user/kk_labs_user_362353 is not authorized to perform: ec2:DescribeVpcs with an explicit deny in a service control policy
is there anyway to grant these access in playgrounds, not able to attach policies
│ Error: putting IAM Role (ec2-ssm-role) Policy (ec2-ssm-role-policy):
operation error IAM: PutRolePolicy, https response error StatusCode: 403,
RequestID: 9e34e067-2563-462a-ac87-554f1dbdcb88,
api error AccessDenied: User: arn:aws:iam::536697240563:user/kk_labs_user_495513
is not authorized to perform: iam:PutRolePolicy on resource:
role ec2-ssm-role because no identity-based policy allows the iam:PutRolePolicy action
if above permissions can be granted in kodekloud, pl share the method
What were you trying to do when you got these error messages? For safety and to make sure that the cost of the playgrounds is reasonable, we do block certain kinds of actions in the playgrounds. So it will depend upon what you trying to do.
hi Rob, attached screenshot, here in terraform at ssm:PutInventory execution is failing, i am not able to attach this ssm policy to the role
I’m reasonably certain we do not support creating policy roles, which is why you’d get this error. Since IAM gives you the ability to do virtually anything in AWS, this should not surprise you.
