Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso
AWS re:Postre:Post

Updating cloudwatch alarm blocked by permissions

0

I am trying to update thresholds in a cloud watch alarm -- I log in and use CAZ to get admin access. But when I try to edit alarm thresholds or data points and hit "update" I get error:

... is not authorized to perform: cloudwatch:PutMetricAlarm on resource: ... because no session policy allows the PutMetricAlarm action.

Additional details:

  • I can create an S3 bucket on the account but I cannot update or create an alarm.
  • The account doesn't have any cloudwatch specific roles.
  • A few weeks ago when we were still using MPA instead of CAZ we didn't experience these issues -- might be CAZ related.

Thanks!

Temas
Gestión y gobiernoSeguridad, identidad y cumplimiento
Etiquetas
Amazon CloudWatchPolíticas de IAM
Idioma
English
AWS-User-8097789
preguntada hace 9 meses358 visualizaciones
2 Respuestas
1

Hello.

Is it possible to see which IAM policies are currently attached?
The error is due to insufficient permissions to operate CloudWatch.
The permission "cloudwatch:PutMetricAlarm" must be set to edit CloudWatch Alarm.
The following documents may be helpful regarding CloudWatch permissions.
https://repost.aws/knowledge-center/cloudwatch-restrict-console-access
https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncloudwatch.html

profile picture
EXPERTO
Riku_Kobayashi
respondido hace 9 meses
profile pictureAWS
EXPERTO
Didier_Durand
revisado hace 9 meses
0

Thanks, I've created the role, but now I can't assign the role, how do I get permissions to do that? I'm reviewing access denied troubleshooting.

AWS-User-8097789
respondido hace 8 meses

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas

Contenido relevante