1 Answer
- Newest
- Most votes
- Most comments
0
It sounds like you might need to add a few more actions to your IAM user policy. To fix those issues specifically, it will need to include the following in addition to the KMS actions:
{
"Version": "2012-10-17",
"Statement": {
"Effect": "Allow",
"Action": [
"iam:ListRoles",
"iam:ListUsers"
],
"Resource": "*"
}
}
There are some more examples here of policies that allow various KMS actions: https://docs.aws.amazon.com/kms/latest/developerguide/customer-managed-policies.html
answered 2 years ago
Relevant content
- Accepted Answerasked a year ago
- asked 8 months ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 6 months ago