Select your cookie preferences

We use essential cookies and similar tools that are necessary to provide our site and services. We use performance cookies to collect anonymous statistics, so we can understand how customers use our site and make improvements. Essential cookies cannot be deactivated, but you can choose “Customize” or “Decline” to decline performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide useful site features, remember your preferences, and display relevant content, including relevant advertising. To accept or decline all non-essential cookies, choose “Accept” or “Decline.” To make more detailed choices, choose “Customize.”

Preferences
Contact Us
Feedback
AWS Documentation
Create an AWS Account
Troubleshooting AWS IoT Analytics identity and access - AWS IoT Analytics
I am not authorized to perform an action in AWS IoT AnalyticsI am not authorized to perform iam:PassRoleI want to allow people outside of my AWS account to access my AWS IoT Analytics resources

AWS IoT Analytics is no longer available to new customers. Existing customers of AWS IoT Analytics can continue to use the service as normal. Learn more

AWS IoT Analytics is no longer available to new customers. Existing customers of AWS IoT Analytics can continue to use the service as normal. Learn more

Troubleshooting AWS IoT Analytics identity and access

PDFRSS

Use the following information to help you diagnose and fix common issues that you might encounter when working with AWS IoT Analytics.

I am not authorized to perform an action in AWS IoT Analytics

If the AWS Management Console tells you that you're not authorized to perform an action, the you must contact your administrator for assistance. You administrator is the person that provided you with your user name and password.

The following example error occurs when the mateojackson user tries to use the console to view details about a channel but not have iotanalytics:ListChannels permissions.

User: arn:aws:iam::123456789012:user/mateojackson is not authorized to perform: iotanalytics:``ListChannels`` on resource: ``my-example-channel``

In this case, Mateo asks his administrator update his policies to allow him to access the my-example-channel resource using the iotanalytics:ListChannel action.

I am not authorized to perform iam:PassRole

If you receive an error that you're not authorized to perform the iam:PassRole action, your policies must be updated to allow you to pass a role to AWS IoT Analytics.

Some AWS services allow you to pass an existing role to that service instead of creating a new service role or service-linked role. To do this, you must have permissions to pass the role to the service.

The following example error occurs when an IAM user named marymajor tries to use the console to perform an action in AWS IoT Analytics. However, the action requires the service to have permissions that are granted by a service role. Mary does not have permissions to pass the role to the service.

User: arn:aws:iam::123456789012:user/marymajor is not authorized to perform: iam:PassRole

In this case, Mary's policies must be updated to allow her to perform the iam:PassRole action.

If you need help, contact your AWS administrator. Your administrator is the person who provided you with your sign-in credentials.

I want to allow people outside of my AWS account to access my AWS IoT Analytics resources

You can create a role that users in other accounts or people outside of your organization can use to access your resources. You can specify who is trusted to assume the role. For services that support resource-based policies or access control lists (ACL), you can use those policies to grant people access to your resources.

To learn more, consult the following:

Previous topic:

IAM policy examples

Need help?

PrivacySite termsCookie preferences
© 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved.