5,674 questions
0 votes, 0 answers, 21 views
How to connect RDS MySQL db using IAM assumed role in Python
I have a service running in AWS account A1 that has the AWS IAM role R1. My service is attached to a service account that has access to role R1.
Now I have an RDS MySQL cluster setup in a different ...
0 votes, 1 answer, 32 views
Unable to delete pod from EC2 instance
I have an EKS cluster running, and I use an EC2 machine to submit jobs that get scheduled on the EKS cluster. The EKS cluster and EC2 machine are attached with an IAM role, which has access to ...
1 vote, 1 answer, 44 views
AWS Service IAM Roles - do they allow cross-account access by default (unless prohibited)?
AWS Service IAM Roles, including built-in ones, seem to often have trust policies like this, that specify no limits on the Source ARN or the Source Account of whatever service is trying to assume the ...
0 votes, 1 answer, 18 views
AWS integration - Identity Provider in IAM with Okta doesn't work as User is not getting added
I have a use case of onboarding AWS with Okta. I first tried with IAM Identity Center, which didn't work as we have a Parent account (Management Account hierarchy) which will force us to have all the ...
0 votes, 0 answers, 14 views
AWS Patching cross account connectivity
We are planning to implement the AWS Patch Manager solution to patch our Windows and Linux EC2 instances. We will be setting up a WSUS/Satellite server in a shared account and, in the client account (...
1 vote, 1 answer, 63 views
Access denied to AWS Secrets Manager API for BatchGetSecretValue, while GetSecretValue works
I have configured an AWS IAM policy to allow all access to secretsmanager on all resources:
{
"Version": "2012-10-17",
"Statement": [
{
"...
2 votes, 1 answer, 48 views
How to hide a specific DynamoDB attribute from the AWS Console?
I'm trying to hide a sensitive DynamoDB attribute from being visible in the AWS Console for certain IAM users viewing a specific DynamoDB table.
I tried this approach (and many variations of it):
{
&...
0 votes, 0 answers, 18 views
Hazelcast cannot retrieve credentials from AWS role
I have a spring-boot application running on elastic beanstalk, and it communicates with other instances in the ELB-cluster through hazelcast. Or rather, it did.
We are in the process of upgrading the ...
0 votes, 0 answers, 70 views
AppConfig:StartConfigurationSession managed IAM policy attached to the Amplify unauthorized user role is being ignored
I'm using Amplify Gen.2 with custom CDKs to deploy my AWS backend for my iOS app written in Swift.
One of the CDK constructs implements the AWS AppConfig service, that's also where I'm setting the ...
0 votes, 0 answers, 33 views
How to grant a lambda function access to call routes in an API gateway
Scenario:
I create 4 different lambda functions using docker images. Each function is created from a separate image. Each function contains different FastAPI routes for a different service.
I create ...
0 votes, 0 answers, 123 views
How do I create a correct signature for AWS ElastiCache IAM authentication in C#?
I have been trying to authenticate with an ElastiCache cluster using IAM authentication in .NET 8 and failing with the following error:
Unhandled exception. StackExchange.Redis....
1 vote, 1 answer, 26 views
Passing the thing name when an IAM role is assumed
I have an IoT device that is a Thing on AWS IoT. The Thing has a certificate that the device uses to connect to MQTT. I created a trust policy that allows the Thing to assume an IAM role. I also ...
0 votes, 1 answer, 258 views
AWS OpenSearch Serverless 403 Forbidden when calling inside an ECS task with Java OpenSearchClient
I have set up a serverless collection. From my local environment I can put and search the index with the Java OpenSearchClient:
this.client = new OpenSearchClient(
new AwsSdk2Transport(
...
0 votes, 1 answer, 51 views
How can I allow an AWS EMR Cluster to create service-linked roles
I'm trying to stand up a new cluster in AWS EMR, but it immediately fails with the following error:
Service-linked role 'AWSServiceRoleForEMRCleanup' for EMR is required.
Please create this role ...
0 votes, 0 answers, 43 views
IAM aws-cli commands having issues in gov?
I have an account in us-gov-west-1 region.
Inside the AWS console CloudShell, I'm trying to run aws-cli commands. It looks like IAM calls fail, but others work.
Every time I'm trying to run an IAM ...