AWS explicitly denying service or action

Users will frequently be denied by AWS when attempting to start a service or perform a specific action.

Turbot uses AWS IAM lock down policies to restrict users from accessing or creating resources within a particular service.

For example, if you are having issues accessing Athena, make sure you have AWS > Athena > Enabled in the Turbot Console. Depending on what you are trying to accomplish, multiple services might need to be enabled in Turbot. For example, if you are using an Athena database to query S3 data, that also requires AWS > QuickSight > Enabled.

The fastest and easiest way to determine an issue with IAM policies (i.e. an explicit or implicit deny) is to use the built-in AWS IAM Policy Simulator. You can find more about the Policy Simulator here.

Once you have ran the policy simulator, the required permissions can be determined and subsequently enabled within the Turbot console.

If any issues arise, help@turbot.com is available to provide assistance.

Was this article helpful?
0 out of 0 found this helpful