Inflearn Community Q&A

정채진

Terraform with a Silicon Valley Engineer

Creating AWS IAM (AWS Identity and Access Management) with Terraform

Question about terraform_user IAM permission settings

Posted 24.03.04 19:06


Plan: 1 to add, 0 to change, 0 to destroy.
╷
│ Error: reading IAM Group (developer): AccessDenied: User: arn:aws:iam::216917526503:user/terraform_user is not authorized to perform: iam:GetGroup on resource: group developer with an explicit deny in an identity-based policy
│       status code: 403, request id: 5ebfada0-00cc-4b7b-b068-fa8904a32f99
│ 
│   with aws_iam_group.devloper_group,
│   on main.tf line 10, in resource "aws_iam_group" "devloper_group":
│   10: resource "aws_iam_group" "devloper_group" {
│ 
╵
╷
│ Error: reading IAM Policy (arn:aws:iam::216917526503:policy/system/developer_policy): AccessDenied: User: arn:aws:iam::216917526503:user/terraform_user is not authorized to perform: iam:GetPolicy on resource: policy arn:aws:iam::216917526503:policy/system/developer_policy with an explicit deny in an identity-based policy
│       status code: 403, request id: 676eb160-1f6c-4167-9396-bfa54b9ef85b
│ 
│   with aws_iam_policy.developer_policy,
│   on main.tf line 22, in resource "aws_iam_policy" "developer_policy":
│   22: resource "aws_iam_policy" "developer_policy" {
│ 
╵

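I created a terraform user and am working through the lesson, but after aws configure, a permission error occurs when I run terraform apply, and I don't know which permissions I should give that user, haha.

  • For now, I granted FullAccess and it succeeded.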

1 Answer

미쿡엔지니어
Knowledge sharer

2024. 03. 05. 04:43

Hello 정채진,

Looking at the error, it seems that the iam:GetGroup permission is needed, for a start.

AccessDenied: User: arn:aws:iam::216917526503:user/terraform_user is not authorized to perform: iam:GetGroup on resource
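
The AccessDenied lines in this thread name the denied action and resource, which is enough to draft a scoped policy rather than FullAccess. The Python below is an added example, not code from the post, the answer or the course; the function names are hypothetical, and the group ARN it builds assumes the group has no IAM path.

```python
import json
import re

# Constructed sample: the two error lines from the terraform apply output above.
SAMPLE = """\
│ Error: reading IAM Group (developer): AccessDenied: User: arn:aws:iam::216917526503:user/terraform_user is not authorized to perform: iam:GetGroup on resource: group developer with an explicit deny in an identity-based policy
│ Error: reading IAM Policy (arn:aws:iam::216917526503:policy/system/developer_policy): AccessDenied: User: arn:aws:iam::216917526503:user/terraform_user is not authorized to perform: iam:GetPolicy on resource: policy arn:aws:iam::216917526503:policy/system/developer_policy with an explicit deny in an identity-based policy
"""

# Shape of the AccessDenied message as it appears in the output above.
DENIED = re.compile(
    r"AccessDenied: User: arn:aws:iam::(?P<account>\d{12}):\S+ "
    r"is not authorized to perform: (?P<action>[\w-]+:\w+) "
    r"on resource: (?P<resource>.+?)"
    r"(?: (?P<reason>with an explicit deny|because) .*)?$",
    re.MULTILINE,
)


def parse_denials(output):
    """Return one finding per AccessDenied line: action, resource ARN, deny type."""
    findings = []
    for m in DENIED.finditer(output):
        kind, _, name = m["resource"].partition(" ")
        # Assumption: a bare name such as "group developer" has no IAM path.
        arn = name if name.startswith("arn:") else f"arn:aws:iam::{m['account']}:{kind}/{name}"
        findings.append({"action": m["action"], "resource": arn,
                         "explicit_deny": m["reason"] == "with an explicit deny"})
    return findings


def scoped_policy(findings):
    """Draft an Allow statement per resource, limited to the actions that were denied."""
    by_resource = {}
    for f in findings:
        by_resource.setdefault(f["resource"], set()).add(f["action"])
    return {"Version": "2012-10-17",
            "Statement": [{"Effect": "Allow", "Action": sorted(acts), "Resource": res}
                          for res, acts in sorted(by_resource.items())]}


if __name__ == "__main__":
    found = parse_denials(SAMPLE)
    print(json.dumps(scoped_policy(found), indent=2))
    for f in found:
        if f["explicit_deny"]:
            # An explicit Deny overrides every Allow: the Deny statement must be found too.
            print(f"explicit Deny blocks {f['action']} on {f['resource']}")
```

Only actions that have already failed show up in the output, so rerun terraform apply after each policy change and feed the new errors back in.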