我有2个帐户a,b 在帐户中我正在创建s3 在帐户b我创建了ec2实例。现在我附加了桶策略来访问ec2实例。但是我收到此错误“策略中的无效主体”
{
"Id": "CrossAccountAccess",
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AccessFromRole",
"Action": [
"s3:GetObject",
"s3:ListBucket"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::bucket-name",
"Principal":{
"AWS": [
"arn:aws:iam::123456789012:role/mytask-in-prod"
]
}
}
]
}
答案 0 :(得分:2)
您在"Action": "s3:ListBucket"