I was using the Windows Web Application Migration Assistant for AWS Elastic Beanstalk last night and on a new machine I kept getting an error that my user didn’t have the policy IAMReadOnlyAccess attached.[AWS Migration] [FATAL] ERROR: Please make sure that your AWS credentials are correct, and the AWS managed policy IAMReadOnlyAccess is attached to the current user
After an hour of thinking I had a security issue, I dug into the tools code and explored the following few lines:
On line 2076 I noticed that it called the PowerShell Cmdlet Get-STSCallerIdentity. When I opened up PowerShell on the instance where I was having issues I got the following error:
I noticed when I called Get-STSCallerIdentity that it would error saying No region specified or obtained from persisted/shell defaults.
So I thought maybe I should se the default region, so I ran the command:
Set-DefaultAWSRegion -Region eu-north-1
I then tried the Get-STSCallerIdentity command again. It worked.
Now when I run the tool again. It works!
When I get a chance I will create a pull request to fix this bug.
I hope this has saved you some time and frustration. Let me know in the comments if it did.