简体繁体 English

使用cloudformation更新S3存储桶的IAM策略

[英]Update IAM policy for S3 bucket using cloudformation

原文 2018-06-14 04:53:40 5 2 amazon-web-services/ amazon-cloudformation/ amazon-iam

We have a use case: Update the IAM policy as new bucket is created. 我们有一个用例：在创建新存储桶时更新IAM策略。

New bucket is created using cloudformation template. 使用Cloudformation模板创建新存储桶。

Is it possible to update the current IAM policy eg add a new Resource value using cloudformation ? 是否可以更新当前的IAM策略，例如使用cloudformation添加新的Resource值？

2 个解决方案

You have to configure the SNS topic to your cloudformation, the cloudformation will publish to the SNS topic. 您必须将SNS主题配置为您的cloudformation，cloudformation将发布为SNS主题。 Configure the SNS to invoke the Lambda function that will update your IAM policy. 配置SNS以调用Lambda函数，该函数将更新您的IAM策略。

Provide the required permissions to your 为您提供所需的权限

CloudFormation -> to send notification to SNS CloudFormation->向SNS发送通知

SNS -> to Invoke your lambda SNS->调用您的lambda

Lambda Function -> To Update IAM Policy Lambda函数->更新IAM策略

或者，您可以创建一个有权访问所有S3存储桶的组或角色，然后为每个S3存储桶创建一个新的IAM策略，并使用AWS::IAM::Policy的Groups或Roles属性分配给该组或角色AWS::IAM::Policy资源。

S3存储桶上的IAM策略 - IAM policy on S3 bucket

S3存储桶策略和IAM角色冲突 - S3 Bucket Policy and IAM Role Conflicting

IAM策略中的S3存储桶加密限制 - S3 bucket encryption restriction in IAM policy

对S3存储桶的IAM策略的权限被拒绝 - Permission denied for IAM policy to S3 bucket

S3 存储桶策略可以覆盖 IAM 策略吗？ - Can S3 bucket-policy override IAM policy?

CloudFormation 中的存储桶检测到不正确的 S3 存储桶策略 - Incorrect S3 bucket policy is detected for bucket in CloudFormation

CloudFormation、S3 存储桶访问跨账户 IAM 角色 - CloudFormation, S3 bucket access to cross-acccount IAM role

使用 CloudFormation 为身份池定义 IAM 角色以访问 s3 存储桶 - Defining IAM Roles for Identity Pool with CloudFormation to access s3 bucket

AWS：如何通过 CloudFormation 更新现有的 S3 存储桶策略？ - AWS: How to update an existing S3 bucket-policy via CloudFormation?

CloudFormation CloudTrail S3 策略错误 - 检测到存储桶的 S3 存储桶策略不正确 - CloudFormation CloudTrail S3 Policy Error - Incorrect S3 bucket policy is detected for bucket

暂无

暂无

声明:本站的技术帖子网页，遵循CC BY-SA 4.0协议，如果您需要转载，请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 S3存储桶上的IAM策略 - IAM policy on S3 bucket S3存储桶策略和IAM角色冲突 - S3 Bucket Policy and IAM Role Conflicting IAM策略中的S3存储桶加密限制 - S3 bucket encryption restriction in IAM policy 对S3存储桶的IAM策略的权限被拒绝 - Permission denied for IAM policy to S3 bucket S3 存储桶策略可以覆盖 IAM 策略吗？ - Can S3 bucket-policy override IAM policy? CloudFormation 中的存储桶检测到不正确的 S3 存储桶策略 - Incorrect S3 bucket policy is detected for bucket in CloudFormation CloudFormation、S3 存储桶访问跨账户 IAM 角色 - CloudFormation, S3 bucket access to cross-acccount IAM role 使用 CloudFormation 为身份池定义 IAM 角色以访问 s3 存储桶 - Defining IAM Roles for Identity Pool with CloudFormation to access s3 bucket AWS：如何通过 CloudFormation 更新现有的 S3 存储桶策略？ - AWS: How to update an existing S3 bucket-policy via CloudFormation? CloudFormation CloudTrail S3 策略错误 - 检测到存储桶的 S3 存储桶策略不正确 - CloudFormation CloudTrail S3 Policy Error - Incorrect S3 bucket policy is detected for bucket

相关标签

粤ICP备18138465号 © 2020-2024 STACKOOM.COM