Creating connector fails with an explicit deny in a permissions boundary
- Views:
- 167
- Visibility:
- Public
- Votes:
- 0
- Category:
- cloud-manager
- Specialty:
- bluexp
- Last Updated:
- 3/28/2024, 7:32:31 AM
Applies to
- NetApp BlueXP
- NetApp Cloud Volume ONTAP (CVO)
- Amazon Web Service (AWS)
- Using permissions boundary
Issue
Creating connector fails with error:
Encountered a permissions error performing a tagging operation, please add required tag permissions. Retrying request without including tags. See https://repost.aws/knowledge-center/cloudformation-tagging-permission-error for how to resolve. Resource handler returned message: "User: arn:aws:sts::xxxxxxxxxxxx:assumed-role/<ROLE_NAME>/<CREDENTIALS_NAME> is not authorized to perform: iam:CreateRole on resource: arn:aws:iam::xxxxxxxxxxxx:role/aws-dev-operator with an explicit deny in a permissions boundary (Service: Iam, Status Code: 403, Request ID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx)"