I think IAM would be a lot easier to interact with from a dev perspective if the error messages were more clear. I suspect that they are sometimes intentionally vague (or misleading) as a kind of security-through-obscurity. For example, S3 returns “file does not exist” errors when the real problem is that the caller doesn’t have permission to access the bucket/prefix.
No comments yet.