Thursday, June 16, 2022
HomeCyber Securitynull (Service: AWSKMS; Standing Code: 400; Error Code: AccessDeniedException; Request ID: xxx;...
Cyber Security

null (Service: AWSKMS; Standing Code: 400; Error Code: AccessDeniedException; Request ID: xxx; Proxy: null) | by Teri Radichel | Bugs That Chunk | Jun, 2022

Admin
By Admin
0
1


Making an attempt to grant entry an organizational unit entry to a KMS key

Proper now I’m attempting to provide an organizational unit entry to a KMS key. I’ve adopted numerous totally different sources of documentation and that is the error I get:

null (Service: AWSKMS; Standing Code: 400; Error Code: AccessDeniedException; Request ID: 51440912–11e7–4d72–8543-a5ffafe2e477; Proxy: null)

The issue was that I didn’t have the brackets [ ] within the precise proper place within the json hierarchy.

"Situation":{  
"ForAnyValue:StringLike":{   
"aws:PrincipalOrgPaths":[     
"o-1122334455/r-abcd/ou-1/",     
"o-1122334455/r-abcd/ou-2/"   
 ]  
} 
}

No matter code is processing the request to entry the hot button is anticipating an array of values in [] like [a, b, c] not a single worth “a” with out brackets or an inventory like this “a”, “b” with no brackets.

The code is anticipating one nested situation “aws:PrincipalOrgPaths” for the StringLike situation, not an array [ “aws:PrincipalOrgPaths”, “x”, “y”].

I had the [ and ] round aws:PrinicpalOrgPaths as a substitute of the place it’s across the two organizations right here.

Code is choosy!

Repair: It could be nicer if the KMS coverage editor caught this error earlier than saving in its validation routine.

I additionally discovered it useful to make use of the asterisk within the org path like this the place the primary worth is the group id and the final worth is the OU ID, each that are discovered within the AWS Organizations part of the AWS portal.

"Situation":{  
"ForAnyValue:StringLike":{   
"aws:PrincipalOrgPaths":[     
"o-1122334455/*/ou-1/",     
"o-1122334455/*/ou-2/"   
 ]  
} 
}

Assets:

Teri Radichel — Observe me @teriradichel on Twitter

© 2nd Sight Lab 2022

____________________________________________

About this weblog:

Wish to be taught extra about Cybersecurity and Cloud Safety? Take a look at: Cybersecurity for Executives within the Age of Cloud on Amazon

Want Cloud Safety Coaching? 2nd Sight Lab Cloud Safety Coaching

Is your cloud safe? Rent 2nd Sight Lab for a penetration check or safety evaluation.

Have a Cybersecurity or Cloud Safety Query? Ask Teri Radichel by scheduling a name with IANS Analysis.

Cybersecurity & Cloud Safety Assets by Teri Radichel: Cybersecurity and Cloud safety lessons, articles, white papers, shows, and podcasts



Previous articleTime Runs Quick to Safe U.S. Elections
Next articleEurope’s First Exascale Supercomputer to Unlock a Trillion Ops
Admin
Adminhttps://www.handla.it
RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -
Google search engine

Most Popular

Load more

Recent Comments

ABOUT US

handla.it is your computer, laptop, software and cyber security website. We provide you with the latest breaking news and videos straight from the computer industry.

POPULAR POSTS

POPULAR CATEGORY

copyright 2022 © handla.it. All rights reserved.