- 最新
- 投票最多
- 评论最多
Hi There
I dont see a "Statement:" directive in your code under PolicyDocument. (reference: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html). Also Action: sqs*
is not surrounded by single quotes like the others which could be causing formatting issues.
Hi there
In agreement with the above, please kindly add the "Statement:" directive and surround 'sqs:*' with single quotes as indicated below:
Policies:
- PolicyName: !Sub 'X-${AWS::Region}'
PolicyDocument:
Statement:
- Effect: Allow
Action: 'ssm:GetParametersByPath'
Resource: !Sub 'arn:aws:ssm:${AWS::Region}:${AWS::AccountId}:parameter/X'
- Effect: Allow
Action: 'ssm:GetParameters'
Resource: !Sub 'arn:aws:ssm:${AWS::Region}:${AWS::AccountId}:parameter/X/'
- Effect: Allow
Action: 's3:'
Resource: ''
- Effect: Allow
Action:
- secretsmanager:GetSecretValue
Resource:
- !Sub 'arn:aws:secretsmanager:${AWS::Region}:${AWS::AccountId}:secret:C'
- Effect: Allow
Action:
- 'ec2:DescribeNetworkInterfaces'
- 'ec2:CreateNetworkInterface'
- 'ec2:DeleteNetworkInterface'
- 'ec2:DescribeInstances'
- 'ec2:AttachNetworkInterface'
Resource: ''
- Effect: Allow
Action: 'kms:Decrypt'
Resource: ''
- Effect: Allow
Action: 'sqs:*'
Resource: 'arn:aws:sqs:us-east-1:000000000000:Q.fifo'
RoleName: !Sub 'X-${AWS::Region}'
相关内容
- AWS 官方已更新 3 年前