- Más nuevo
- Más votos
- Más comentarios
Hello,
I understood that when you are applying the policy as the resource based policy, you are getting error "The resource policy isn't valid. Check the policy format and try your request again"
Please allow me to state that you are receiving the error because you are not specifying the supported resource in the policy according to its actions.
If you refer below documentation and search for "GetBot" action, you will find that "GetBot" action only support ("bot alias" or "bot version") Arns in the Resource section of the policy.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"lex:UpdateBot",
"lex:CreateSlot",
"lex:CreateSlotType"
],
"Resource": "arn:aws:lex:us-east-1:1234567890:bot/ABCDEFG",
"Principal": {
"AWS": "arn:aws:iam:1234567890:user/username"
}
},
{
"Effect": "Allow",
"Action": [
"lex:GetBot"
],
"Resource": "arn:aws:lex:{Region}:{Account}:bot:{BotName}:{BotAlias}",
"Principal": {
"AWS": "arn:aws:iam:1234567890:user/username"
}
}
]
}
In the above policy please replace :
- {Region} - with the region , {Account} with the account number, {BotName} with the specific bot name and {BotAlias} with the specific bot alias.
- Also, please replace the username with the correct user name of the user, you would like to allow this action for.
If you want to allow all the bot alias then you can use "*" in that place, so the resource will be like :
"arn:aws:lex:{Region}:{Account}:bot:{BotName}:*"
Trust this will help in resolving the issue. Also you can refer below documentation about "Resource-based policy examples for Amazon Lex V2"
https://docs.aws.amazon.com/lexv2/latest/dg/security_iam_resource-based-policy-examples.html
Contenido relevante
- OFICIAL DE AWSActualizada hace un año
- OFICIAL DE AWSActualizada hace 3 años
- OFICIAL DE AWSActualizada hace un año
- OFICIAL DE AWSActualizada hace 2 años
Yeah I already figured out how to let my business partner access my bots; he just needed to change his AWS region from Sydney to Virginia