我无法添加" AWS":" *"在我的云形式代码中

时间:2017-09-29 15:06:46

标签: amazon-web-services amazon-cloudformation aws-opsworks

我有一个简单的cloudformation,它创建了一个附加了策略的存储桶。这是我的云形成代码:

---
AWSTemplateFormatVersion: '2010-09-09'
Resources:
  S3Bucket:
    Type: AWS::S3::Bucket
    Properties:
      BucketName: testforcfn
    DeletionPolicy: Retain

  BucketPolicy:
    Type: AWS::S3::BucketPolicy
    Properties:
      PolicyDocument:
        Id: MyPolicy
        Version: '2012-10-17'
        Statement:
        - Sid: PublicReadForGetBucketObjects
          Effect: Allow
          Principal: "*"
          Action: s3:GetObject
          Resource:
            Fn::Join:
            - ''
            - - 'arn:aws:s3:::'
              - Ref: S3Bucket
              - "/*"
      Bucket:
         Ref: S3Bucket
Outputs:
  S3Info:
    Value:
        Ref: S3Bucket

然而,在主体的存储桶策略中,一切正常,而不是" "我需要" AWS":" "。所以这里有更多的解释是我想要的存储桶策略:

{
    "Version": "2012-10-17",
    "Id": "Policy1506624486110",
    "Statement": [{
        "Sid": "Stmt1506624421375",
        "Effect": "Allow",
        "Principal": {
            "AWS": "*"
        },
        "Action": "s3:GetObject",
        "Resource": "arn:aws:s3:::testforcfn/*"
    }]
}

所以这部分就是我想要在我的cloudformation代码中使用的部分:

       "Principal": {
           "AWS": "*"
       }

当我在我的cloudformation中执行此操作时出现错误:

              Principal: "AWS:*"

知道如何解决这个问题吗?

1 个答案:

答案 0 :(得分:1)

我会尝试以下方法:

Principal: 
  AWS: "*"

您可以找到相关示例here

相关问题
最新问题