- Le plus récent
- Le plus de votes
- La plupart des commentaires
[+] This can be updated using the Policy feature of IAM
[+] Please find the JSON file for the LAB setup that I have performed.
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": "route53:ChangeResourceRecordSets",
"Resource": "*",
"Condition": {
"StringEquals": {
"route53:ChangeResourceRecordSetsNormalizedRecordNames": "_acme-challenge.*"
},
"StringEqualsIfExists": {
"route53:ChangeResourceRecordSetsRecordTypes": "TXT",
"route53:ChangeResourceRecordSetsActions": [
"CREATE",
"DELETE"
]
}
}
}
]
}
[+] How to go about this.
[-] Create New Policy by selecting service : Route53
[-] Navigate to Action --> Access level
[=] Collapse Write [access level]
[=] Select - ChangeResourceRecordSets
[-] Now navigate to Resources
[=] This would depend on use-case
[-] Navigate to Request Conditions
[=] Add Condition
[=] Under Condition Key you get to see all the options under [Service level condition keys]
ChangeResourceRecordSetsNormalizedRecordNames
ChangeResourceRecordSetsActions
ChangeResourceRecordSetsRecordTypes
Please refer the Json [from LAB setup] which would provide you with first-hand information as per the question.
This may be a display error since this is a new feature update and the console at IAM may be updating it soon. We have brought it to the attention. Can you please try to see if this is preventing you with creation of the policy. If you are able to proceed with the creation and test the permissions?
Contenus pertinents
- demandé il y a 2 mois
- demandé il y a 3 mois
- demandé il y a 7 mois
- demandé il y a un an
- AWS OFFICIELA mis à jour il y a un an
- AWS OFFICIELA mis à jour il y a un an
- AWS OFFICIELA mis à jour il y a 2 ans
- AWS OFFICIELA mis à jour il y a un an
Hmm. Using the visual editor is a good idea. But clicking on the JSON tab still shows the "Invalid Service Condition Key" errors! :-/