Closed phamanh195 closed 3 years ago
In my case, step 5 was missing with creating the policy for the user providing arn role path
Step 5. Add an AWS Security Token Service policy to your IAM user
It looks like the guidance on the docs around adding a role doesnt seem to work (or I have messed it up somehow). The work around is to add the policy directly the user as per phamanh195 suggestion: IAM Management Console => users => select user => add inline policy => click on JSON tab => add the following: { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "execute-api:Invoke", "Resource": "arn:aws:execute-api:::*" } ] } Appreciate it is not best practices, but i've got access now. p.s. i have removed the policy and it has defaulted back to the authorization error above/ hey @krybbio @cdragon1116 I tried same thing ... but it's not working ..... Do I have to create new app again after updating policy ? Stuck on this for days ...
Tried this all but none of the solutions available on this thread helped. Still getting the following error: [{'message': 'Access to requested resource is denied.', 'code': 'Unauthorized', 'details': ''}]
I am having the exactly the same error.
I have following policy, but, it did not work. The bad thing is it dose not state what is wrong with it....
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": "execute-api:Invoke",
"Resource": "arn:aws:execute-api:*:*:*"
},
{
"Sid": "VisualEditor1",
"Effect": "Allow",
"Action": "sts:AssumeRole",
"Resource": "*"
}
]
}
Hi, I am trying the new SP-API and I met the issue about authorization when call request. Step I did:
Headers included: host;user-agent;x-amz-access-token;x-amz-date Canonical request: """ GET /feeds/2020-09-04/feeds
host:sellingpartnerapi-na.amazon.com user-agent: { user-agent } x-amz-access-token: { my-access-token } x-amz-date:20201013T024957Z
host;user-agent;x-amz-access-token;x-amz-date e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 """
Authorize header: """ AWS4-HMAC-SHA256 Credential={ access-key-when-create-IAM }/20201013/us-east-1/execute-api/aws4_request, SignedHeaders=host;user-agent;x-amz-access-token;x-amz-date, Signature={ signature } """
And I always meet authorize issue: Response: """ { "errors": [ { "message": "Access to requested resource is denied.", "code": "Unauthorized", "details": "" } ] } """ There is no detail information. Is this a server side errors or I missed out something when submit the request? Could you please help me to address this issue?