Failed BlueXP deployment through the UI
- Views:
- 38
- Visibility:
- Public
- Votes:
- 0
- Category:
- cloud-manager
- Specialty:
- bluexp
- Last Updated:
- 12/31/2024, 9:49:10 PM
Applies to
- BlueXP
- AWS
Issue
BlueXP deployment through the UI fails with:
User: arn:aws:sts::xxxxxxxxxxx:assumed-role/Onprem_Bluexp_Role/Onprem-Bluexp-Role is not authorized to perform: iam:CreateRole on resource: arn:aws:iam::xxxxxxxxxxx:role/Cloud-Manager-Operator-YY6TNs9 with an explicit deny in a service control policy
Action\":[\"ec2:CreateTags\",\"ec2:DeleteTags\",\"ec2:DescribeTags\",\"tag:getResources\",\"tag:getTagKeys\",\"tag:getTagValues\", \"tag:TagResources\",\"tag:UntagResources\"],\"Resource\":\"*\",\"Effect\":\"Allow\",\"Sid\":\"tagServicePolicy