cloudsploit icon indicating copy to clipboard operation
cloudsploit copied to clipboard

Published 20 hours ago verified publisher icon aquasecurity

User is not authorized for multiple plugins

Open AmeerTheInteger opened this issue 2 years ago • 7 comments
trafficstars

After attaching read only policies to the user, getting following error for multiple plugins

"Unable to list Access Analyzers: User: arn:aws:iam::9XXXXXXXXX840:user/new_user is not authorized"

Here is SS for dynamoDB:

Screenshot 2023-09-01 at 1 34 38 PM

AmeerTheInteger avatar Sep 01 '23 08:09 AmeerTheInteger

@AmeerTheInteger you should add list policies to the user also.

fatima99s avatar Sep 01 '23 12:09 fatima99s

@AmeerTheInteger you should add list policies to the user also.

Already done that.

AmeerTheInteger avatar Sep 01 '23 12:09 AmeerTheInteger

Hi @AmeerTheInteger , Can you share the list of policies you have attached to the new_user?

alphadev4 avatar Sep 04 '23 08:09 alphadev4

Hi @AmeerTheInteger , Can you share the list of policies you have attached to the new_user?

image

AmeerTheInteger avatar Sep 04 '23 09:09 AmeerTheInteger

hi @AmeerTheInteger , so the policy that have the required permissions is SecurityAudit. Can you try using this policy? Please refer to the following doc - https://github.com/aquasecurity/cloudsploit/blob/master/docs/aws.md

alphadev4 avatar Sep 05 '23 08:09 alphadev4

hi @AmeerTheInteger , so the policy that have the required permissions is SecurityAudit. Can you try using this policy? Please refer to the following doc - https://github.com/aquasecurity/cloudsploit/blob/master/docs/aws.md

The issue is with Dynamo DB. I have attached its policy but still getting the same error

AmeerTheInteger avatar Sep 05 '23 10:09 AmeerTheInteger

hi @AmeerTheInteger No i believe that issue is not with dynamo db its with attached policies. The policy that you have attached did not have the required permissions. Can you try out updating the permissions?

alphadev4 avatar Dec 07 '23 18:12 alphadev4