I am trying to give a test user limited permissions on an EC2 instance to perform server start and stop activity. Unfortunately, I am getting this message on the testuser dashboard.
**Error:**
You are not authorized to perform this operation. User: arn:aws:iam::XXXXXXXXXXXX:user/testuser is not authorized to perform: ec2:DescribeInstances because no identity-based policy allows the ec2:DescribeInstances action
Policy:
```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "ec2:DescribeInstances"
      ],
      "Resource": [
        "arn:aws:ec2:us-east-1:XXXXXXXXXXXX:instance/i-XXXXXXXXXXXXXXXXX",
        "arn:aws:ec2:us-east-1:XXXXXXXXXXXX:instance/i-XXXXXXXXXXXXXXXXX"
      ]
    },
    {
      "Effect": "Allow",
      "Action": [
        "ec2:StartInstances",
        "ec2:StopInstances"
      ],
      "Resource": "arn:aws:ec2:us-east-1:XXXXXXXXXXXX:instance/i-XXXXXXXXXXXXXXXXX",
      "Condition": {
        "StringEquals": {
          "ec2:InstanceId": [
            "i-XXXXXXXXXXXXXXXXX"
          ]
        }
      }
    },
    {
      "Effect": "Allow",
      "Action": [
        "ec2:StartInstances",
        "ec2:StopInstances"
      ],
      "Resource": "arn:aws:ec2:us-east-1:XXXXXXXXXXXX:instance/i-XXXXXXXXXXXXXXXXX",
      "Condition": {
        "StringEquals": {
          "ec2:InstanceId": [
            "i-XXXXXXXXXXXXXXXXX"
          ]
        }
      }
    }
  ]
}
```
Please help me
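
An added example, not part of the original post: `ec2:DescribeInstances`, like the other `ec2:Describe*` actions, does not support resource-level permissions, so an Allow statement that lists instance ARNs never matches it. The Python sketch below flags such statements and moves the action into a statement with `"Resource": "*"`; the account ID, instance ID and function names are constructed for illustration.

```python
import copy
import json

# ec2:Describe* actions do not support resource-level permissions: IAM
# evaluates them against Resource "*" only, so an instance ARN never matches.
PREFIX = "ec2:describe"

def as_list(value):
    return value if isinstance(value, list) else [value]

def is_describe(action):
    return action.lower().startswith(PREFIX)  # IAM action names are case-insensitive

def find_scoped_describe(policy):
    """Return (statement index, action) for Allow statements that scope an
    ec2:Describe* action to specific ARNs instead of "*"."""
    return [(i, a)
            for i, s in enumerate(as_list(policy["Statement"]))
            if s.get("Effect") == "Allow" and "*" not in as_list(s.get("Resource", []))
            for a in as_list(s.get("Action", [])) if is_describe(a)]

def fix_policy(policy):
    """Move flagged Describe actions into one statement with Resource "*";
    all other actions keep their original Resource and Condition."""
    fixed = copy.deepcopy(policy)
    flagged = {i for i, _ in find_scoped_describe(policy)}
    moved, kept = [], []
    for i, s in enumerate(as_list(fixed["Statement"])):
        if i not in flagged:
            kept.append(s)
            continue
        actions = as_list(s["Action"])
        moved += [a for a in actions if is_describe(a)]
        rest = [a for a in actions if not is_describe(a)]
        if rest:
            kept.append({**s, "Action": rest})
    if moved:
        kept.insert(0, {"Effect": "Allow", "Action": sorted(set(moved)), "Resource": "*"})
    fixed["Statement"] = kept
    return fixed

# Constructed sample with placeholder IDs, same shape as the policy in the question.
ARN = "arn:aws:ec2:us-east-1:111122223333:instance/i-0123456789abcdef0"
SAMPLE = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["ec2:DescribeInstances"], "Resource": [ARN]},
    {"Effect": "Allow", "Action": ["ec2:StartInstances", "ec2:StopInstances"], "Resource": ARN},
]}

if __name__ == "__main__":
    print(find_scoped_describe(SAMPLE))
    print(json.dumps(fix_policy(SAMPLE), indent=2))
```

With the rewritten policy the user can list every instance in the account and Region, because the Describe call cannot be narrowed by ARN; start and stop remain limited to the listed instance.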