Troubleshooting Amazon EVS identity and access - Amazon Elastic VMware Service
AccessDeniedExceptionI want to allow people outside of my AWS account to access my Amazon EVS resources

Troubleshooting Amazon EVS identity and access

Use the following information to help you diagnose and fix common issues that you might encounter when working with Amazon EVS and IAM.

AccessDeniedException

If you receive an AccessDeniedException when calling an AWS API operation, then the IAM principal credentials that you’re using don’t have the required permissions to make that call.

An error occurred (AccessDeniedException) when calling the CreateEnvironment operation:
User: arn:aws:iam::111122223333:user/user_name is not authorized to perform:
evs:CreateEnvironment on resource: arn:aws:evs:region:111122223333:environment/my-env

In the previous example message, the user does not have permissions to call the Amazon EVS CreateEnvironment API operation. To provide Amazon EVS admin permissions to an IAM principal, see Amazon EVS identity-based policy examples.

For more general information about IAM, see Control access to AWS resources using policies in the IAM User Guide.

I want to allow people outside of my AWS account to access my Amazon EVS resources

You can create a role that users in other accounts or people outside of your organization can use to access your resources. You can specify who is trusted to assume the role. For services that support resource-based policies or access control lists (ACLs), you can use those policies to grant people access to your resources.

To learn more, consult the following: