4 個答案
- 最新
- 最多得票
- 最多評論
0
Bucket policy should like as below:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "SSMLogging",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::SSM_account_id:root"
},
"Action": [
"s3:PutObjectAcl",
"s3:PutObject",
"s3:GetEncryptionConfiguration"
],
"Resource": [
"arn:aws:s3:::bucket_name/*",
"arn:aws:s3:::bucket_name"
]
}
]
}
IAM Policy should be as below(for systems manager):
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:PutObject",
"s3:PutObjectAcl",
"s3:GetEncryptionConfiguration"
],
"Resource": [
"arn:aws:s3:::bucket-name/*",
"arn:aws:s3:::bucket-name"
]
}
]
}
Follow this re:Post step by step.
0
Tried it out, but still doesn't seem to be working
已回答 10 個月前
Please follow this re:Post step by step and let me know how it goes. Please mention the error messages if you are able to capture through cloudtrail or cloudwatch.
How did it go?
0
Had to also allow permissions due to KMS encryption, but after allowing that; was able to get the data in the bucket.
已回答 10 個月前
相關內容
- AWS 官方已更新 2 年前
- AWS 官方已更新 1 年前
The IAM policy goes on the EC2 service role that's configured for the maintenance window, correct?
Yes, that's correct.
Did you try it out, let me know how it works for you.
Did you try it out?