I just spotted a limitation when using IAM policies which restrict access to domains. Obviously the root list command fails on /. Suggest adding an option to define the list path.
User (arn:aws:iam::111111111111:user/domainname) does not have permission to perform (sdb:ListDomains) on resource (arn:aws:sdb:ap-southeast-2:111111111111:domain/). Contact account owner.
Update: I added an IAM rule to allow ListDomains on * and it "works". All domains are visible but only the restricted path can be queried or updated.
I just spotted a limitation when using IAM policies which restrict access to domains. Obviously the root list command fails on /. Suggest adding an option to define the list path.
User (arn:aws:iam::111111111111:user/domainname) does not have permission to perform (sdb:ListDomains) on resource (arn:aws:sdb:ap-southeast-2:111111111111:domain/). Contact account owner.
Update: I added an IAM rule to allow ListDomains on * and it "works". All domains are visible but only the restricted path can be queried or updated.