amazon-web-servicesamazon-rekognition

User is not authorized to perform: rekognition:RecognizeCelebrities with an explicit deny


When I run a boto3 api (python)file, it always throws an exception error like: (Amazon-Rekognition)

User: arn:aws:sts::963971995244:assumed-role/vocstartsoft/user937366=*********** is not authorized to perform: rekognition:RecognizeCelebrities with an explicit deny


Solution

  • This error "explicit deny" means that some policy is blocking this access, like this:

    "Sid": "example",
    "Effect": "Deny",
    "Action": "*"
    "Resource": "*"
    

    Even if there are other policies authorizing the use of rekognition, this deny will overwrite everything, explicitly denying access according to the error.