1 Answer
- Newest
- Most votes
- Most comments
1
The error you're getting sounds like you're trying to use a resource policy as an identity-based policy. Since these policies are attached to a principal already, the Principal
field is not required. More info here: https://aws.amazon.com/premiumsupport/knowledge-center/iam-principal-policy/
The policy above should be applied as the bucket policy for the bucket you'd like to share, and the identity-based policy for the user/role should look more like:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:GetObject"
],
"Resource": "arn:aws:s3:::cmaq-database/*"
}
]
}
answered 3 years ago
Relevant content
- asked 13 days ago
- asked 3 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 4 months ago
Hi Ed. Let me read the link to make sure I understand what you mean. Thanks.