search

aws-samples / aws-iam-access-key-auto-rotation

This set of CloudFormation templates and Python scripts will set up an auto-rotation function that will automatically rotate your AWS IAM User Access Keys every 90 days.
MIT No Attribution
140 stars 130 forks source link

I keep receiving Error: An error occurred (AccessDeniedException) when calling the ListAccounts operation: You don't have permissions to access this resource. #10

Closed eddiekimosabe closed 3 years ago

eddiekimosabe commented 3 years ago

Hi when I try to manually test the ASA-IAM-Access-Key-Rotation-Function Lambda Function it appears that I keep receiving: 

Error: An error occurred (AccessDeniedException) when calling the ListAccounts operation: You don't have permissions to access this resource.

I can see that the policies attached to the resource allows for the ListAccounts operation, but for some reason I keep receiving the above error.

Here are some screenshots for more context:

Screen Shot 2021-11-15 at 10 14 34 AM Screen Shot 2021-11-15 at 10 16 39 AM

Also thank you for the updated version of this tool 🙏

eddiekimosabe commented 3 years ago

I get the feeling that it may be related to this:

IMPORTANT NOTE: The ‘list_accounts’ API operation can only be called from the organization's management account or by a member account that is a delegated administrator for an AWS service.

I'm going to close this ticket. If it happens to be something else I will open a new one.