1回答
- 新しい順
- 投票が多い順
- コメントが多い順
0
i have added the following example please modify accordingly
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"eks:DescribeCluster",
"eks:ListFargateProfiles",
"eks:ListUpdates",
"eks:UpdateClusterVersion"
],
"Resource": "arn:aws:eks:us-west-2:123456789012:cluster/my-cluster",
"Condition": {
"StringEquals": {
"aws:userid": [
"user1",
"user2"
],
"sourceArn": [
"arn:aws:execute-api:us-west-2:123456789012:abcdefghij/*/GET/resource1",
"arn:aws:execute-api:us-west-2:123456789012:abcdefghij/*/GET/resource2"
]
}
}
},
{
"Effect": "Allow",
"Action": [
"ecr:BatchGetImage",
"ecr:DescribeRepositories",
"ecr:ListImages",
"ecr:ListTagsForResource",
"ecr:PutImage"
],
"Resource": "arn:aws:ecr:us-west-2:123456789012:repository/my-repo",
"Condition": {
"StringEquals": {
"aws:userid": [
"user1",
"user2"
],
"sourceArn": [
"arn:aws:execute-api:us-west-2:123456789012:abcdefghij/*/POST/resource3",
"arn:aws:execute-api:us-west-2:123456789012:abcdefghij/*/POST/resource4"
]
}
}
}
]
}
関連するコンテンツ
- AWS公式更新しました 1年前