AWS格式错误的政策错误

时间:2014-06-03 22:57:53

标签: amazon-web-services

我正在尝试通过AWS CLI设置AWS组策略,如下所示:

aws iam put-group-policy --group-name my-group --policy-name \
    s3-full-access --policy-document /tmp/policy.json

这是/tmp/policy.json的内容:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": [
        "s3:ListAllMyBuckets"
      ],
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::*"
    },
    {
      "Action": "s3:*",
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::my-bucket*"
    }
  ]
}

我一直收到以下错误:

A client error (MalformedPolicyDocument) occurred when calling the PutGroupPolicy operation: The policy is not in the valid JSON format.

我不知道如何继续,错误太不明确了。有人能帮忙吗?

3 个答案:

答案 0 :(得分:71)

解决了这个谜语!

是策略文件名前面的file://前缀:

aws iam put-group-policy --group-name my-group --policy-name s3-full-access --policy-document file:///tmp/policy.json

原始错误消息非常具有误导性,因为如果您提供根本不存在的文件名,则会收到相同的消息。

因此 >文件的语法,但 CLI根本无法看到该文件,导致错误。

答案 1 :(得分:2)

+++++++++++++++++++++++++++++++++++++++++++++++ +++++++++++++++++++++++++++ PS命令:示例1。

aws iam create-role --role-name vmimport --assume-role-policy-document file:///policy/trust-policy.json

****实际路径******:C:\ policy \ trust-policy.json ++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++++++++++++++++

PS命令​​:示例2。

aws iam put-role-policy --role-name vmimport --policy-name vmimport --policy-document file:///policy/role-policy.json

****实际路径******:C:\ policy \ role-policy.json ++++++++++++++++++++++++++++++++++++++++++++++++++ +++++++++++++++++++++++++

答案 2 :(得分:0)

我在10号窗口上遇到了同样的问题,这对我有帮助。

**file** : followed by **two Forward slash** like         :"file://"
**Path on window 10** : followed by **Backward slash** like 
:"c:\Users\Anand\Desktop\anand-jan19.json"

C:\Users\Anand>aws iam create-policy --policy-name anand-jan19 --policy-document file://c:\Users\Anand\Desktop\anand-jan19.json
{
    "Policy": {
        "PolicyName": "anand-jan19",
        "PolicyId": "EQWEQBV33ewrwYCRCS",
        "Arn": "arn:aws:iam::56433378:policy/anand-jan19",
        "Path": "/",
        "DefaultVersionId": "v1",
        "AttachmentCount": 0,
        "PermissionsBoundaryUsageCount": 0,
        "IsAttachable": true,
        "CreateDate": "2019-02-10T04:03:32Z",
        "UpdateDate": "2019-02-10T04:03:32Z"
    }
}