[英]AWS Cloudformation Error: Policy has invalid resource
我需要創建一個具有公共訪問權限的 S3 存儲桶,但將該訪問權限限制為僅特定 IP。
我使用 S3 存儲桶的策略生成器生成了一個策略,然后通過引用存儲桶的名稱將其調整為我的模板; 但是,CloudFormation 不斷給出“策略具有無效資源”錯誤。
下面是我正在使用的 CloudFormation 模板的相關部分。 “FirstS3BucketName”是一個參數。
FirstS3BucketPolicy:
Type: AWS::S3::BucketPolicy
Properties:
Bucket: !Ref FirstS3BucketName
PolicyDocument: |
{
"Id": "Policy1581542658034",
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmt1581542655517",
"Action": "s3:*",
"Effect": "Allow",
"Resource": "arn:aws:s3:::${FirstS3BucketName}/*",
"Condition": {
"IpAddress": {
"aws:SourceIp": "3.132.69.181/32"
}
},
"Principal": "*"
}
]
}
您真正需要做的就是在您的PolicyDocument行上添加一個!Sub 。 僅供參考,所有 JSON 也可以轉換為 YAML。
FirstS3BucketPolicy:
Type: AWS::S3::BucketPolicy
Properties:
Bucket: !Ref FirstS3BucketName
PolicyDocument: !Sub |
{
"Id": "Policy1581542658034",
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmt1581542655517",
"Action": "s3:*",
"Effect": "Allow",
"Resource": "arn:aws:s3:::${FirstS3BucketName}/*",
"Condition": {
"IpAddress": {
"aws:SourceIp": "3.132.69.181/32"
}
},
"Principal": "*"
}
]
}
無效資源和格式錯誤的政策錯誤 - aws cloudformation YAML
[英]Invalid Resource and malformed policy errors - aws cloudformation YAML
策略包含具有一個或多個無效委托人的語句 - AWS Cloudformation 錯誤
[英]Policy contains a statement with one or more invalid principals - AWS Cloudformation error
帶有Cloudformation SAM的AWS :: Serverless :: Api資源策略
[英]AWS::Serverless::Api Resource Policy with Cloudformation SAM
AWS CloudFormation 轉換 LanguageExtensions 策略錯誤
[英]AWS CloudFormation Transform LanguageExtensions policy error
為什么此AWS CloudFormation腳本會引發“策略包含具有一個或多個無效主體的語句”錯誤?
[英]Why does this AWS CloudFormation script throw “Policy contains a statement with one or more invalid principals” error?
AWS CloudFormation/API 網關給出“指定的資源標識符無效”
[英]AWS CloudFormation/API Gateway gives 'Invalid Resource identifier specified'
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.