Lambda 访问 S3 的策略
[英]Lambda policy to access S3
问题描述
Can anyone advise on this?
有人可以就此提出建议吗? I'm trying to access an S3 bucket from a lambda function. I have created the following policy:我正在尝试从 lambda function 访问 S3 存储桶。我创建了以下策略:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": "lambda.amazonaws.com"
},
"Action": "sts:AssumeRole"
},
{
"Effect": "Allow",
"Action": [
"s3:GetObject"
],
"Resource": [
"arn:aws:s3:::{{ bucketName }}/*"
]
}
]
}
But this doesn't seems to work.但这似乎不起作用。 I have got a Assume Role Policy: MalformedPolicyDocument: Has prohibited field Resource.我有一个代入角色策略:MalformedPolicyDocument:具有禁止的字段资源。
We can't merge multiple access is the same policy?我们不能合并多个访问是同一个策略吗?
1 个解决方案
解决方案1
3 2020-12-22 16:28:16
you are mixing trust policy and permission policy in single.您正在将trust policy和permission policy混合在一起。 Can't merge these both.不能合并这两个。
there is difference in between these policies..这些政策之间存在差异..
The assume role policy is the role's trust policy
trust policy : allowing the role to be assumed, not the role's permissions policy.信任策略:允许代入角色,而不是角色的权限策略。 Trust policies do not contain a resource element
r ole's permissions policy ( access control policy): what permissions the role grants to the assuming entity. r ole的权限策略(access control policy):角色赋予承担实体什么权限。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.