stackoom
  简体   繁体   中英

Update IAM policy for S3 bucket using cloudformation

 原文  2018-06-14 04:53:40       amazon-web-services/ amazon-cloudformation/ amazon-iam

Question

We have a use case: Update the IAM policy as new bucket is created.

New bucket is created using cloudformation template.

Is it possible to update the current IAM policy eg add a new Resource value using cloudformation ?

2 answers

solution1
 1  2018-06-14 05:00:16

You have to configure the SNS topic to your cloudformation, the cloudformation will publish to the SNS topic. Configure the SNS to invoke the Lambda function that will update your IAM policy.

Provide the required permissions to your

CloudFormation -> to send notification to SNS

SNS -> to Invoke your lambda

Lambda Function -> To Update IAM Policy

solution2
 0  2018-06-15 07:55:55

或者,您可以创建一个有权访问所有S3存储桶的组或角色,然后为每个S3存储桶创建一个新的IAM策略,并使用AWS::IAM::PolicyGroupsRoles属性分配给该组或角色AWS::IAM::Policy资源。

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question IAM policy on S3 bucket S3 Bucket Policy and IAM Role Conflicting S3 bucket encryption restriction in IAM policy Permission denied for IAM policy to S3 bucket Can S3 bucket-policy override IAM policy? Incorrect S3 bucket policy is detected for bucket in CloudFormation CloudFormation, S3 bucket access to cross-acccount IAM role Defining IAM Roles for Identity Pool with CloudFormation to access s3 bucket AWS: How to update an existing S3 bucket-policy via CloudFormation? CloudFormation CloudTrail S3 Policy Error - Incorrect S3 bucket policy is detected for bucket
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM