- 最新
- 最多得票
- 最多評論
It looks like your resource is not formatted properly -- for instance you don't have a valid region specified in your policy document. us-east is not a valid region. It's also unclear what resource you are trying to declare. To see what the resource specification format should be check out Actions, resources, and condition keys for Amazon API Gateway Management -- particularly the section on the resource specification for RestApis.
It looks like you might need something like this:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "ApiCreateAndEditAccess",
"Effect": "Allow",
"Action": [
"apigateway:*"
],
"Resource": [
"arn:aws:apigateway:us-east-2::/restapis",
"arn:aws:apigateway:us-east-2::/restapis/*"
],
}
]
}
Please take a look at this document https://docs.aws.amazon.com/apigateway/latest/developerguide/permissions.html The section "API Gateway permissions model for creating and managing an API" talks about IAM permissions required to create and manage APIs
The problem is how I represent the resource. If I use"*" as the resource, then it works.
Thanks for the reply, I have tried that also before: { "Version": "2012-10-17", "Statement": [ { "Sid": "Stmtxxxxxxxxxxxx", "Action": "apigateway:*", "Effect": "Allow", "Resource": "arn:aws:apigateway:us-east-2::/**************" } ] }
I still get the same errors
There are some example policies here: https://docs.aws.amazon.com/apigateway/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies. I'm not sure if that's an exact copy-paste there but you should never need to use more than one wildcard in a row.