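AWS: adding an inline/managed policy to a role does not take effect immediately?

Time: 2021-05-09 03:26:53

Tags: amazon-web-services amazon-iam

Suppose I have a policy containing the following statement: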

{
  "Effect": "Deny",
  "Action": "organizations:*",
  "Resource": "*"
}

I am trying to add such an inline policy to a role via the AWS SDK:

PutRolePolicyRequest request = new PutRolePolicyRequest()
   .withRoleName("TestRole")
   .withPolicyName("TestPolicy")
   .withPolicyDocument("Above in string");
PutRolePolicyResult result = iam.putRolePolicy(request);

// I would need to uncomment below for test to pass
// Thread.sleep(10000)
assertThatThrownBy(() -> {
    awsOrgs.listAccounts(..);
}).isInstanceOf(AccessDeniedException.class);

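Note the comment above: I have to add a delay for awsOrgs.listAccounts() to throw the exception; otherwise the test fails, indicating that no exception was thrown. Is this some kind of eventual consistency issue happening with AWS?

0 answers:

No answers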
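
An added example, not part of the original question: AWS documents IAM changes as eventually consistent, so instead of a fixed Thread.sleep a test can poll until the deny is enforced or a deadline passes. The helper awaitThrows, the AccessDenied stand-in class and the simulated listAccounts call are hypothetical names constructed for illustration; in the real test the probe would be the awsOrgs.listAccounts call and the expected type the SDK's AccessDeniedException.

```java
import java.time.Duration;
import java.time.Instant;
import java.util.concurrent.Callable;

public class AwaitDeny {
    /** Stand-in for the SDK's AccessDeniedException (assumption for this offline example). */
    static class AccessDenied extends RuntimeException {}

    /**
     * Calls probe repeatedly until it throws the expected exception type.
     * Returns the number of attempts made; throws AssertionError once the timeout is exhausted.
     */
    static int awaitThrows(Callable<?> probe, Class<? extends Exception> expected,
                           Duration timeout, Duration firstDelay) throws InterruptedException {
        Instant deadline = Instant.now().plus(timeout);
        long delayMs = firstDelay.toMillis();
        for (int attempt = 1; ; attempt++) {
            try {
                probe.call();                        // still allowed: change not visible yet
            } catch (Exception e) {
                if (expected.isInstance(e)) return attempt;
                throw new IllegalStateException("unexpected failure", e); // do not mask other errors
            }
            if (Instant.now().plusMillis(delayMs).isAfter(deadline)) {
                throw new AssertionError("call was still allowed after " + timeout);
            }
            Thread.sleep(delayMs);
            delayMs = Math.min(delayMs * 2, 2_000);  // exponential backoff, capped at 2 s
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed simulation: the call succeeds 3 times, then starts being denied.
        int[] calls = {0};
        Callable<String> fakeListAccounts = () -> {
            if (++calls[0] > 3) throw new AccessDenied();
            return "accounts";
        };
        int attempts = awaitThrows(fakeListAccounts, AccessDenied.class,
                                   Duration.ofSeconds(10), Duration.ofMillis(50));
        System.out.println("denied on attempt " + attempts);
    }
}
```

The hard deadline keeps a policy that never takes effect from hanging the test, and rethrowing unexpected exceptions keeps throttling or credential errors from being mistaken for the deny.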