DevPay和Mfa是互斥的授权方法 [英] DevPay and Mfa are mutually exclusive authorization methods

问题描述

我正在尝试通过以下命令通过AWS-cli将MFA删除添加到我的S3存储桶中:

I'm trying to add MFA-deletion to my S3 bucket with the AWS-cli with the following command:

aws s3api put-bucket-versioning --bucket <my-bucket-name> --versioning-configuration '{"MFADelete":"Enabled","Status":"Enabled"}' --mfa 'arn:aws:iam::<code-found-at-iam-page>:mfa/root-account-mfa-device <my-google-authenticator-code>'

但是我得到的答复是:

调用时发生错误(InvalidRequest) PutBucketVersioning操作:DevPay和Mfa是互斥的 授权方法.

An error occurred (InvalidRequest) when calling the PutBucketVersioning operation: DevPay and Mfa are mutually exclusive authorization methods.

这是没有意义的，因为我从未使用过DevPay.我对该实例的安全组启用了S3FullAccess，因此也不应该成为问题.

which makes no sense as I have never used DevPay. My security group for the instance has S3FullAccess enabled so that shouldn't be a problem either.

任何有关可能会出现问题的建议都将不胜感激.

Any suggestions on what the problem might be would be appreciated.

推荐答案

我向AWS提交了一个案例，他们回答如下:

当API无法执行时，通常会返回该错误响应 由于发出的请求是执行MFA删除任务的原因 非根凭证.启用"MFA删除"的唯一方法是使用 帐户的根用户提供的凭据

That error response typically gets returned when the API cannot perform the MFA Delete task due to the request being made with non-root credentials. The only way to turn on MFA Delete is to use the credentials from the root user of the account

简单的解决方案！

这篇关于DevPay和Mfa是互斥的授权方法的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！