1回答
- 新しい順
- 投票が多い順
- コメントが多い順
1
The error you're getting sounds like you're trying to use a resource policy as an identity-based policy. Since these policies are attached to a principal already, the Principal
field is not required. More info here: https://aws.amazon.com/premiumsupport/knowledge-center/iam-principal-policy/
The policy above should be applied as the bucket policy for the bucket you'd like to share, and the identity-based policy for the user/role should look more like:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:GetObject"
],
"Resource": "arn:aws:s3:::cmaq-database/*"
}
]
}
回答済み 2年前
関連するコンテンツ
- AWS公式更新しました 5ヶ月前
Hi Ed. Let me read the link to make sure I understand what you mean. Thanks.