DevPay和Mfa是互斥的授权方法 [英] DevPay and Mfa are mutually exclusive authorization methods
问题描述
我正在尝试通过以下命令通过AWS-cli将MFA删除添加到我的S3存储桶中:
I'm trying to add MFA-deletion to my S3 bucket with the AWS-cli with the following command:
aws s3api put-bucket-versioning --bucket <my-bucket-name> --versioning-configuration '{"MFADelete":"Enabled","Status":"Enabled"}' --mfa 'arn:aws:iam::<code-found-at-iam-page>:mfa/root-account-mfa-device <my-google-authenticator-code>'
但是我得到的答复是:
调用时发生错误(InvalidRequest) PutBucketVersioning操作:DevPay和Mfa是互斥的 授权方法.
An error occurred (InvalidRequest) when calling the PutBucketVersioning operation: DevPay and Mfa are mutually exclusive authorization methods.
这是没有意义的,因为我从未使用过DevPay.我对该实例的安全组启用了S3FullAccess,因此也不应该成为问题.
which makes no sense as I have never used DevPay. My security group for the instance has S3FullAccess enabled so that shouldn't be a problem either.
任何有关可能会出现问题的建议都将不胜感激.
Any suggestions on what the problem might be would be appreciated.
推荐答案
我向AWS提交了一个案例,他们回答如下:
当API无法执行时,通常会返回该错误响应 由于发出的请求是执行MFA删除任务的原因 非根凭证.启用"MFA删除"的唯一方法是使用 帐户的根用户提供的凭据
That error response typically gets returned when the API cannot perform the MFA Delete task due to the request being made with non-root credentials. The only way to turn on MFA Delete is to use the credentials from the root user of the account
简单的解决方案!
这篇关于DevPay和Mfa是互斥的授权方法的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!