1 réponse
- Le plus récent
- Le plus de votes
- La plupart des commentaires
1
I believe the issue is in the "Principal" field. You can use "*" Or you can use "arn:aws:iam::<accountID>:role/aws-service-role/autoscaling.amazonaws.com/AWSServiceRoleForAutoScaling" Or you can create your own role with a copy of AWSServiceRoleForAutoScaling.
Contenus pertinents
- demandé il y a un an
- demandé il y a 3 mois
- demandé il y a un an
- demandé il y a 7 mois
- AWS OFFICIELA mis à jour il y a un an
- AWS OFFICIELA mis à jour il y a un an
- AWS OFFICIELA mis à jour il y a 2 ans
- AWS OFFICIELA mis à jour il y a 4 ans
For a bit more detail, here is what the policy should look like and the link to the documentation. You're almost there.
{ "Sid": "Allow service-linked role use of the customer managed key", "Effect": "Allow", "Principal": { "AWS": "arn:aws:iam::<accountID>:role/aws-service-role/autoscaling.amazonaws.com/AWSServiceRoleForAutoScaling" }, "Action": [ "kms:GenerateDataKey*", "kms:Decrypt" ], "Resource": "*" }
https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-sns-notifications.html#sns-kms-permissions
You can let us know if that works. Thanks.
Hi Team, I want to get alerts for all events in aws. If I put this only then I did not get other alerts like cloud watch and all.
Thanks, Anuj