
Lambda policy to access S3

Can anyone advise on this? I'm trying to access an S3 bucket from a lambda function. I have created the following policy:

{
  "Version": "2012-10-17",
  "Statement": [
      {
          "Effect": "Allow", 
          "Principal": {
              "Service": "lambda.amazonaws.com"
          }, 
          "Action": "sts:AssumeRole"
      }, 
      {
          "Effect": "Allow",
          "Action": [
              "s3:GetObject"
          ], 
          "Resource": [
              "arn:aws:s3:::{{ bucketName }}/*"
          ]
      }
  ]
}

But this doesn't seem to work. I got an error: Assume Role Policy: MalformedPolicyDocument: Has prohibited field Resource.

Can't we merge multiple accesses in the same policy?

You are mixing a trust policy and a permissions policy in a single document. You can't merge the two.

There is a difference between these policies.

The assume role policy is the role's trust policy

Trust policy: allows the role to be assumed; it is not the role's permissions policy. Trust policies do not contain a Resource element.

Role's permissions policy (access control policy): what permissions the role grants to the assuming entity.
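Added example, not part of the original question or answer: a small Python helper that splits the merged document from the question into the two documents the answer describes, and flags the field that triggers the MalformedPolicyDocument error. The function names and the bucket name `example-bucket` are assumptions made for illustration.

```python
import json

# Constructed input: the merged document from the question, with a
# placeholder bucket name in place of the {{ bucketName }} template.
MERGED = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow",
         "Principal": {"Service": "lambda.amazonaws.com"},
         "Action": "sts:AssumeRole"},
        {"Effect": "Allow",
         "Action": ["s3:GetObject"],
         "Resource": ["arn:aws:s3:::example-bucket/*"]},
    ],
}

def trust_policy_errors(policy):
    """Report statements carrying a field a trust policy must not contain."""
    return [f"statement {i}: prohibited field Resource"
            for i, stmt in enumerate(policy["Statement"])
            if "Resource" in stmt]

def split_policy(merged):
    """Return (trust_policy, permissions_policy).

    A statement with a Principal says who may assume the role (trust policy);
    a statement with a Resource says what the role may do (permissions policy).
    """
    trust, perms = [], []
    for i, stmt in enumerate(merged["Statement"]):
        has_principal = "Principal" in stmt
        has_resource = "Resource" in stmt
        if has_principal == has_resource:
            raise ValueError(f"statement {i}: needs exactly one of Principal/Resource")
        (trust if has_principal else perms).append(stmt)
    version = merged.get("Version", "2012-10-17")
    return ({"Version": version, "Statement": trust},
            {"Version": version, "Statement": perms})

if __name__ == "__main__":
    print(trust_policy_errors(MERGED))   # why the merged document is rejected
    trust, perms = split_policy(MERGED)
    # trust -> the role's AssumeRolePolicyDocument (IAM CreateRole)
    print(json.dumps(trust, indent=2))
    # perms -> a policy attached to the role (e.g. IAM PutRolePolicy PolicyDocument)
    print(json.dumps(perms, indent=2))
```

Keeping the permissions half scoped to `s3:GetObject` on the one bucket's objects, as in the question, preserves least privilege after the split.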
