1 réponse
- Le plus récent
- Le plus de votes
- La plupart des commentaires
0
Hello.
The error message “with an explicit deny in a service control policy” suggests that “tag:GetResources” is restricted by the SCP feature of Organizations, not IAM policy.
Therefore, I recommend that you contact the person who manages your AWS account or the administrator of your organization to check whether "tag:GetResources" etc. are restricted by SCP.
https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps.html
By the way, what kind of settings are you using in SCP?
Additionally, SCPs also inherit policies set in higher-level OUs, so if the OU of the AWS account in which the error occurs is a child OU, please also check the SCP set in the higher-level OU.
Contenus pertinents
- Réponse acceptéedemandé il y a 2 ans
- demandé il y a 3 mois
- demandé il y a un an
- AWS OFFICIELA mis à jour il y a 10 mois
- AWS OFFICIELA mis à jour il y a un an
- AWS OFFICIELA mis à jour il y a un an