In this blog post I will examine how partial implementation of a feature of IAM policies: resource-level permissions interacts with AWS EC2 API actions to produce confusing results. Please note that AWS states in its documentation that it is planning on expanding the compatibility of resource-level permissions, so check the links at the bottom of this post for the most up-to-date information. Below is a short python program (troubleshooting.py) that utilizes the ec2:DescribeVolumes action. As you can see, I have omitted the access/secret key pair. If you wish to use this code, simply insert your access/secret key you obtained from the IAM … Read More