2016-01-17 186 views
1

我模板的高級用戶策略和加入MFA狀態,導致MFA-高級用戶像下面AWS高級用戶與MFA(IAM策略)

{ 
"Version": "2012-10-17", 
"Statement": [ 
    { 
     "Effect": "Allow", 
     "NotAction": "iam:*", 
     "Resource": "*", 
     "Condition": { 
      "Bool": { 
       "aws:MultiFactorAuthPresent": "true" 
      } 
     } 
    } 
] 

}

中的描述和意圖是:

Provides full access to AWS services and resources, but does not allow management of Users and groups. MFA needed by login. 

使用政策模擬器在EC2上進行測試所有EC2操作都被拒絕,原因是

implicitly denied (no matching statement) 
+0

。應該將環境變量MultiFactorAuthPresent放入模擬器中 –

回答

3

自己解決。應該給環境變量MultiFactorAuthPresent加入我自己解決的模擬器

相關問題