Goal: the IAM user should only be allowed to create DynamoDB tables in the N. Virginia region.
My IAM policy, attached to the IAM user:
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "CreateMyTable",
      "Effect": "Allow",
      "Action": [
        "dynamodb:CreateTable",
        "dynamodb:ListTables",
        "dynamodb:DescribeTable",
        "dynamodb:Query",
        "dynamodb:Scan",
        "dynamodb:GetItem",
        "dynamodb:BatchGetItem",
        "dynamodb:PutItem",
        "cloudwatch:*",
        "sns:CreateTopic"
      ],
      "Resource": "*"
    },
    {
      "Sid": "DenyOtherRegions",
      "Effect": "Deny",
      "Action": "dynamodb:*",
      "Resource": "*",
      "Condition": {
        "ForAllValues:StringNotEqualsIfExists": {
          "aws:RequestedRegion": "us-east-1"
        }
      }
    }
  ]
}
Am I missing anything in this policy? Please advise.
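
A simplified local model of how the policy in this question evaluates, added here as an example and not part of the original post. The evaluator, its function names and the sample requests are constructed for illustration; it models only the one condition operator the policy uses, and it also checks the non-DynamoDB actions, which the Deny statement does not cover.

```python
import fnmatch

# The question's policy, reduced to the fields this model reads.
# Both statements use Resource "*", so resource matching is omitted.
POLICY = [
    {"Effect": "Allow",
     "Action": ["dynamodb:CreateTable", "dynamodb:ListTables", "dynamodb:DescribeTable",
                "dynamodb:Query", "dynamodb:Scan", "dynamodb:GetItem",
                "dynamodb:BatchGetItem", "dynamodb:PutItem", "cloudwatch:*",
                "sns:CreateTopic"]},
    {"Effect": "Deny", "Action": ["dynamodb:*"],
     "Condition": {"ForAllValues:StringNotEqualsIfExists":
                   {"aws:RequestedRegion": "us-east-1"}}},
]

def action_matches(patterns, action):
    # IAM action names are case-insensitive and may contain * wildcards.
    return any(fnmatch.fnmatchcase(action.lower(), p.lower()) for p in patterns)

def condition_holds(condition, context):
    for operator, pairs in condition.items():
        if operator != "ForAllValues:StringNotEqualsIfExists":
            raise ValueError("operator not modelled: " + operator)
        for key, expected in pairs.items():
            values = context.get(key)
            if values is None:
                continue          # IfExists: an absent key counts as a match
            if any(v == expected for v in values):
                return False      # ForAllValues: every value must differ
    return True

def evaluate(action, context):
    matched = [s for s in POLICY
               if action_matches(s["Action"], action)
               and condition_holds(s.get("Condition", {}), context)]
    if any(s["Effect"] == "Deny" for s in matched):
        return "explicit deny"    # an explicit Deny overrides any Allow
    if any(s["Effect"] == "Allow" for s in matched):
        return "allow"
    return "implicit deny"        # nothing allowed the action

def region(name):
    # Constructed request context carrying only the requested region.
    return {"aws:RequestedRegion": [name]}

if __name__ == "__main__":
    for act, reg in [("dynamodb:CreateTable", "us-east-1"),
                     ("dynamodb:CreateTable", "us-west-2"),
                     ("sns:CreateTopic", "us-west-2")]:
        print(act, reg, "->", evaluate(act, region(reg)))
```

The same requests can be checked against the real policy with the IAM policy simulator, which is authoritative where this model is not.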