Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Invalid ARN Resource when creating the policy, #185

Open
trufa opened this issue Jun 7, 2024 · 2 comments
Open

Invalid ARN Resource when creating the policy, #185

trufa opened this issue Jun 7, 2024 · 2 comments

Comments

@trufa
Copy link

trufa commented Jun 7, 2024
edited
Loading

When creating the policy I'm copying exactly as shown in the docs

Screenshot 2024-06-07 at 4 15 17 PM

With my id replaced.

I am getting the error:

Invalid ARN Resource Resource ARN does not match the expected ARN format. Update the resource portion of the ARN.

arn:aws:sts::MY_ID:federated-user/S3UploadWebToken

I noticed that if I change sts for iam it accepts the policy.

arn:aws:aim::MY_ID:federated-user/S3UploadWebToken

For now I changed the resource for "*" and it uploads but I am not sure of the security implications of this.

Any more info on why this might be happening?
@rgoggins
Copy link

rgoggins commented Jul 1, 2024
edited
Loading

If you switch to arn:aws:iam, you get the issue:

AccessDenied: User: arn:aws:iam::<MY_ID>:user/<USER> is not authorized to perform: sts:GetFederationToken on resource: arn:aws:sts::<MY_ID>:federated-user/S3UploadWebToken

@danielivanovz
Copy link

if you create the policy, it will still work, tho would be nice to find out why is triggering an Error

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@trufa @danielivanovz @rgoggins