1 Risposta
- Più recenti
- Maggior numero di voti
- Maggior numero di commenti
2
If the action is set to "aoss:*", then APIs with resource types other than "Collection" will also be restricted, resulting in an error.
The table below shows that only three resource types "Collection" can be set: "APIAccessAll", "DeleteCollection" and "UpdateCollection".
For APIs other than the above, setting the resource type to "Collection" will result in an error.
https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonopensearchserverless.html#amazonopensearchserverless-actions-as-permissions
Contenuto pertinente
- AWS UFFICIALEAggiornata un anno fa
- AWS UFFICIALEAggiornata 2 anni fa
- AWS UFFICIALEAggiornata 2 anni fa
So I would make the following policy.
So does:
need to remain for "aoss:*", or can this be narrowed down to a specific index? Apologies if this is a silly question, just wanted to double check.
As far as I can see from the documentation, only the policy I described can narrow down the resource type. So, if you want to allow "aoss:* ", the resource type must be " * ".