Solution:Step 1: Analyze error messageAccessDenied for sts:AssumeRole indicates permission issues.Step 2: Check IAM policiesUser must have explicit permission to call sts:AssumeRole on the role.Final Answer:The user's IAM policy does not permit sts:AssumeRole on the specified role -> Option BQuick C

[Solved] You execute:aws sts assume-role --role-arn arn:aws:iam::123456789012:role/AdminRole --role-session-name AdminSessionand receive "AccessDenied:... What is the most probable reason? | AWS

AWS - Identity and Access Management

You execute:

aws sts assume-role --role-arn arn:aws:iam::123456789012:role/AdminRole --role-session-name AdminSession

and receive "AccessDenied: User is not authorized to perform sts:AssumeRole". What is the most probable reason?

AThe role ARN is invalid or does not exist

BThe user's IAM policy does not permit sts:AssumeRole on the specified role

CThe AWS CLI is outdated and cannot perform assume-role

DThe session name is missing or invalid

Step-by-Step Solution

Solution:

Step 1: Analyze error message
AccessDenied for sts:AssumeRole indicates permission issues.
Step 2: Check IAM policies
User must have explicit permission to call sts:AssumeRole on the role.
Final Answer:
The user's IAM policy does not permit sts:AssumeRole on the specified role -> Option B
Quick Check:
Permission missing for sts:AssumeRole causes AccessDenied [OK]

Quick Trick: Missing sts:AssumeRole permission causes AccessDenied [OK]

Common Mistakes:

Assuming role ARN is invalid without checking permissions
Blaming CLI version
Thinking session name causes AccessDenied

Master "Identity and Access Management" in AWS

9 interactive learning modes - each teaches the same concept differently

Learn Why Deep Visual Try Challenge Project Recall Time

More AWS Quizzes

You execute:

Step 1: Analyze error message

Step 2: Check IAM policies

Final Answer:

Quick Check:

Want More Practice?