AWS：用户无权在资源上执行 <Action> <Resource>

我正在尝试调用实体解析API

IAM 用户详细信息：

• IAM 用户：user1
• 策略名称：AssumeRolePolicy

我为 user1 生成了访问密钥和秘密，并在我的 Spring Boot 应用程序中使用它们。

附加到 user1 的策略（AssumeRolePolicy）：

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": "sts:AssumeRole",
            "Resource": "arn:aws:iam::004724176825:role/scv-er-poc-er-service-sbox"
        }
    ]
}

角色详情 (

scv-er-poc-er-service-sbox

AWSEntityResolutionConsoleFullAccess

在受信任的实体中：

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "",
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::004724176825:user/user1",
                "Service": "entityresolution.amazonaws.com"
            },
            "Action": "sts:AssumeRole"
        }
    ]
}

尽管进行了策略和角色配置，仍会出现错误并显示以下消息：

User: arn:aws:iam::004724176825:user/user1 is not authorized to perform: entityresolution:GetMatchId on resource: arn:aws:entityresolution:eu-west.

此流程中缺少哪个步骤？

我的Java代码：

   @Bean
    public EntityResolutionClient entityResolutionClient() {
        AwsCredentials credentials = AwsBasicCredentials.create("<Access key>",
                "<Secret>");
        StaticCredentialsProvider staticProvider = StaticCredentialsProvider.create(credentials);

        Region region = Region.EU_WEST_1;
        EntityResolutionClient entityResolutionClient = EntityResolutionClient.builder()
                .region(region)
                .credentialsProvider(staticProvider)
                .build();
        return entityResolutionClient;
    }