1 Antwort
- Neueste
- Die meisten Stimmen
- Die meisten Kommentare
1
The problem comes from the "Resource". If you specify a specific Resource it's because you want to perform a specific operation (or operations, indicated in the Action) over that resource. However, the ListSecrets (the same as ListBuckets in S3) lists the available secrets and, thus, it applies over all the available secrets in the account (or in that specific region in the account). Therefore, you should not indicate a specific Secret in the Resource part of the policy. Instead, you should specify that you want to access to any secret in the Resource part in the policy. For instance:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "secretsmanager:ListSecrets",
"Resource": "*"
}
]
}
You can find more examples here: https://docs.aws.amazon.com/mediaconnect/latest/ug/iam-policy-examples-asm-secrets.html
beantwortet vor 6 Monaten
Relevanter Inhalt
- AWS OFFICIALAktualisiert vor 4 Monaten
- AWS OFFICIALAktualisiert vor 2 Jahren
- AWS OFFICIALAktualisiert vor 2 Jahren