【发布时间】:2020-11-04 22:37:14
【问题描述】:
我创建了这个政策:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"elasticbeanstalk:UpdateApplicationVersion",
"elasticbeanstalk:CreateApplicationVersion",
"elasticbeanstalk:DeleteApplicationVersion"
],
"Resource": "*",
"Condition": {
"StringEquals": {
"elasticbeanstalk:InApplication": [
"arn:aws:elasticbeanstalk:ap-south-1:123456789012:application/test"
]
}
}
},
{
"Effect": "Allow",
"Action": [
"elasticbeanstalk:DescribeEvents",
"elasticbeanstalk:DescribeApplications",
"elasticbeanstalk:AddTags",
"elasticbeanstalk:ListPlatformVersions"
],
"Resource": [
"arn:aws:elasticbeanstalk:ap-south-1:123456789012:application/test"
]
},
{
"Effect": "Allow",
"Action": [
"elasticbeanstalk:AddTags",
"elasticbeanstalk:Describe*"
],
"Resource": [
"arn:aws:elasticbeanstalk:ap-south-1:123456789012:platform/*",
"arn:aws:elasticbeanstalk:ap-south-1:123456789012:environment/*/*",
"arn:aws:elasticbeanstalk:ap-south-1:123456789012:application/*",
"arn:aws:elasticbeanstalk:ap-south-1:123456789012:solutionstack/*",
"Condition": {
"StringEquals": {
"elasticbeanstalk:InApplication": [
"arn:aws:elasticbeanstalk:ap-south-1:123456789012:application/test"
]
}
}
}
]
}
当我查看我收到的政策时:
此策略定义了一些不提供权限的操作、资源或条件。要授予访问权限,策略必须具有具有适用资源或条件的操作。
当我从策略中删除 elasticbeanstalk:Describe* 时,它可以工作,但我需要包含它。
【问题讨论】:
-
你可以试着问一个特定的问题,格式化你的问题不会有坏处。
-
大家好,我需要帮助来解决这个问题,当我从策略中删除“elasticbeanstalk:Describe*”时它有效,但我需要两者,
-
它没有正确关闭底部
Resource(Condition之前)的方括号。 -
感谢 john,但我不知道如何在堆栈溢出中部署代码。我有完整的代码,但它显示的错误,我也放了右括号
标签: amazon-web-services amazon-elastic-beanstalk amazon-iam