AWS Cross Account Access - Invalid bucket policy problem

Time: 2020-10-22 21:35:47

Tags: amazon-web-services amazon-s3 aws-lambda

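I am trying to grant cross-account access to an S3 bucket for use by a Lambda function. As a first step, I am trying to assign the proper bucket policies to the source and destination buckets, following the link below.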

https://aws.amazon.com/premiumsupport/knowledge-center/cross-account-access-s3/

Source bucket policy:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "DelegateS3Access",
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::777777777:role/Staff"
            },
            "Action": [
                "s3:ListBucket",
                "s3:GetObject",
                "s3:PutObject",
                "s3:PutObjectAcl"
            ],
            "Resource": [
                "arn:aws:s3:::source-bucktet-testing-lambda/*",
                "arn:aws:s3:::source-bucktet-testing-lambda"
            ]
        }
    ]
}

Destination policy:

{
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Principal": {
            "AWS": "arn:aws:iam:: 777777777:role/Staff"
        },
        "Action": [
            "s3:GetObject",
            "s3:PutObject",
            "s3:PutObjectAcl"
        ],
        "Resource": [
            "arn:aws:s3:::source-bucktet-testing-lambda/*",
            "arn:aws:s3:::source-bucktet-testing-lambda"
        ]
    }]
}

But in the destination bucket policy, I get that the policy has an invalid resource. Can you help me?

0 answers:

No answers
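
Added example, not part of the original question: S3 only accepts a bucket policy whose `Resource` ARNs fall inside the bucket the policy is attached to, so a pre-deployment check can compare the two and also catch malformed principal ARNs. The destination bucket name `destination-bucket-example`, the 12-digit account ID `777777777777`, and the names `lint_bucket_policy` and `make_policy` are assumptions made for illustration; only the standard `aws` partition is handled.

```python
import re

# AWS principal: a bare 12-digit account ID or an IAM ARN, with no whitespace.
PRINCIPAL_RE = re.compile(r"^(\d{12}|arn:aws:iam::\d{12}:(root|(role|user)/\S+))$")

def as_list(value):
    """Policy fields may hold a single string or a list of strings."""
    return value if isinstance(value, list) else [value]

def lint_bucket_policy(bucket, policy):
    """Return (statement index, finding, value) for a policy meant for `bucket`."""
    findings = []
    bucket_arn = f"arn:aws:s3:::{bucket}"
    for i, stmt in enumerate(as_list(policy["Statement"])):
        # Every resource must be the bucket itself or a key pattern under it.
        for res in as_list(stmt.get("Resource", [])):
            if res != bucket_arn and not res.startswith(bucket_arn + "/"):
                findings.append((i, "invalid-resource", res))
        principal = stmt.get("Principal", {})
        if isinstance(principal, dict):
            for arn in as_list(principal.get("AWS", [])):
                if arn != "*" and not PRINCIPAL_RE.match(arn):
                    findings.append((i, "malformed-principal", arn))
    return findings

def make_policy(principal, bucket):
    """Build a policy with the same shape as the destination policy on the page."""
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow",
        "Principal": {"AWS": principal},
        "Action": ["s3:GetObject", "s3:PutObject", "s3:PutObjectAcl"],
        "Resource": [f"arn:aws:s3:::{bucket}/*", f"arn:aws:s3:::{bucket}"],
    }]}

DEST_BUCKET = "destination-bucket-example"  # hypothetical name, not on the page
# Constructed copy of the destination policy as posted (space in the principal
# ARN, resources naming the source bucket).
PAGE_POLICY = make_policy("arn:aws:iam:: 777777777:role/Staff",
                          "source-bucktet-testing-lambda")
# Constructed variant: resources scoped to the destination bucket, 12-digit ID.
FIXED_POLICY = make_policy("arn:aws:iam::777777777777:role/Staff", DEST_BUCKET)

if __name__ == "__main__":
    for finding in lint_bucket_policy(DEST_BUCKET, PAGE_POLICY):
        print(finding)
    print("fixed policy findings:", lint_bucket_policy(DEST_BUCKET, FIXED_POLICY))
```
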