1 Answer
- Newest
- Most votes
- Most comments
1
It looks like the operation you're attempting needs to create a policy as well as a role, so your user needs to be granted permission to iam:createPolicy. You can do this through the console if you have access otherwise you'd need to ask your administrator.
The policy name that you're seeing looks to be automatically generated, ending in a GUID. When you're granting access to iam:createPolicy it doesn't make sense to restrict to a specific policy, since that policy won't exist until you've created it. Depending on your use case you may want to limit the by condition keys: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_actions-resources-contextkeys.html.
answered 2 years ago
Relevant content
- AWS OFFICIALUpdated 4 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 17 days ago
- AWS OFFICIALUpdated 3 months ago