amazon sp api golang sdk Permission Denied


I'm trying to use the SP API programmatically using Golang. I tried https://github.com/amazinsellers/amazon-sp-api-sdk-go and also the official https://github.com/amzapi/selling-partner-api-sdk, and I always get permission denied with the sample code from both GitHub repos...

I followed this guide for all the IAM setup on my AWS account, but it is still not working: https://spapi.cyou/en/guides/SellingPartnerApiDeveloperGuide.html#terminology

Here is my response JSON:

{"AssumeRoleResponse": {"-xmlns": "https://sts.amazonaws.com/doc/2011-06-15/", "AssumeRoleResult": {"AssumedRoleUser": {"AssumedRoleId": "AR***:SPAPISession", "Arn": "arn:aws:sts::123***:assumed-role/MyStsRoleName/SPAPISession"}, "Credentials": {"SessionToken": "FwoGZXIvYXdzEPb//////////wEaDJyejpfUNUYyux***=", "Expiration": "2022-03-14T13:41:14Z", "AccessKeyId": "A***", "SecretAccessKey": "Dr***"}}, "ResponseMetadata": {"RequestId": "b000db8e-e0f0-4150-b2fe-808d8212d599"}}}
{"code":"Unauthorized","details":"","message":"Access to requested resource is denied."}

My dev app on Seller Central is in Draft status. I passed the role I created to it as follows:

arn:aws:iam::123***:role/MyStsRoleName

and on my code:

SPClientID     = "amzn1.application-oa2-client.123***"
SPClientSecret = "26***"
SPRefreshToken = "Atzr|**"
SPAccessKeyID  = "AKI***"
SPSecretKey    = "Xre***"
SPRegion       = "eu"
SPRoleArn      = "arn:aws:iam::123***:role/MySTSRoleName"

Is it possible to get some help? I have been blocked on this part for 2 days and I have found nothing that could help me fix it. I tried a lot of things with the IAM params and nothing works.

Here is the inline policy on my IAM user:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": "sts:AssumeRole",
            "Resource": "arn:aws:iam::123***:role/MySTSRoleName"
        }
    ]
}

The policy arn:aws:iam::123***:policy/SellingPartnerAPI looks like this:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": "execute-api:*",
            "Resource": "*"
        }
    ]
}

Edit:

My role trusted entities:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::123***:root"
            },
            "Action": "sts:AssumeRole",
            "Condition": {}
        }
    ]
}

Thanks a lot
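
The role ARN appears in several places in the question (the STS response, the app registration, the client configuration and the user policy). As an added example, not part of the original post or of either SDK, this Go helper derives the IAM role ARN from an STS assumed-role ARN and reports whether each configured ARN matches it exactly, differs only in letter case, or differs otherwise. The account IDs and role names are constructed placeholders, and roles with an IAM path are out of scope.

```go
package main

import (
	"fmt"
	"strings"
)

// RoleARNFromAssumed maps an STS session ARN
// (arn:aws:sts::ACCOUNT:assumed-role/ROLE/SESSION) to the IAM role ARN
// (arn:aws:iam::ACCOUNT:role/ROLE). Assumption: the role has no IAM path,
// because the session ARN does not carry one.
func RoleARNFromAssumed(assumed string) (string, error) {
	p := strings.SplitN(assumed, ":", 6)
	if len(p) != 6 || p[0] != "arn" || p[2] != "sts" {
		return "", fmt.Errorf("not an STS ARN: %q", assumed)
	}
	res := strings.Split(p[5], "/")
	if len(res) != 3 || res[0] != "assumed-role" || res[1] == "" {
		return "", fmt.Errorf("not an assumed-role resource: %q", p[5])
	}
	return fmt.Sprintf("arn:%s:iam::%s:role/%s", p[1], p[4], res[1]), nil
}

// Compare reports "match", "case-only" (same letters, different case) or "different".
func Compare(want, got string) string {
	switch {
	case want == got:
		return "match"
	case strings.EqualFold(want, got):
		return "case-only"
	}
	return "different"
}

func main() {
	// Constructed sample values: account IDs and role names are placeholders.
	session := "arn:aws:sts::111122223333:assumed-role/ExampleRole/SPAPISession"
	configured := [][2]string{
		{"app registration", "arn:aws:iam::111122223333:role/ExampleRole"},
		{"client config", "arn:aws:iam::111122223333:role/EXAMPLERole"},
		{"user policy Resource", "arn:aws:iam::444455556666:role/ExampleRole"},
	}
	role, err := RoleARNFromAssumed(session)
	if err != nil {
		fmt.Println("error:", err)
		return
	}
	for _, c := range configured {
		fmt.Printf("%-22s %-10s %s\n", c[0], Compare(role, c[1]), c[1])
	}
}
```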
