Unable to create new IAM policy

Users will sometimes see an explicit deny from AWS when attempting to create a new IAM policy. 

In general, changes to IAM requires either AWS/Owner or AWS/Superuser Turbot permissions. Federated users are unable to make changes to their own user via the AWS IAM dashboard, but can make changes to service users and accounts that are not managed by Turbot. 

More information regarding IAM policies and the grants they require within Turbot can be found here.

Help@turbot.com is available to help answer any questions that may arise.

Was this article helpful?
0 out of 0 found this helpful