8
我想一個策略添加到已經可以在兩個S3桶執行CRUD這裏現有IAM用戶當前工作的政策AWS IAM策略SQS
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "devcontrol",
"Effect": "Allow",
"Action": [
"s3:Get*",
"s3:Put*",
"s3:DeleteObject",
"s3:DeleteObjectVersion"
],
"Resource": [
"arn:aws:s3:::blahimages/*",
"arn:aws:s3:::blahvideos/*"
]
}
]
}
一個例子政策從SQS文件這篇
{
"Version": "2012-10-17",
"Statement":[{
"Effect":"Allow",
"Action":"sqs:*",
"Resource":"arn:aws:sqs:*:123456789012:bob_queue*"
}
]
}
所以,我想這個
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "devcontrol",
"Effect": "Allow",
"Action": [
"s3:Get*",
"s3:Put*",
"s3:DeleteObject",
"s3:DeleteObjectVersion"
],
"Resource": [
"arn:aws:s3:::blahimages/*",
"arn:aws:s3:::blahvideos/*"
]
},
{
"Effect":"Allow",
"Action":"sqs:*",
"Resource":"arn:aws:sqs:*:myarn"
}
]
}
我沒有得到任何解析錯誤,但模擬器WA還在歸國否認對SQS隊列
也真的我只是希望此用戶能夠將消息添加到隊列,接受他們,並刪除它們,而上述政策會增加,我相信所有的動作