问题描述
这是我的用户帐户所在的网上论坛的政策:
{
"Version": "2012-10-17","Statement": [
{
"Effect": "Allow","Action": [
"cloudformation:Describe*","cloudformation:List*","cloudformation:Get*","cloudformation:CreateStack","cloudformation:UpdateStack","cloudformation:DeleteStack"
],"Resource": "arn:aws:cloudformation:sa-east-1:XXXXXXX:stack/notification-service*/*"
},{
"Effect": "Allow","Action": [
"cloudformation:ValidateTemplate"
],"Resource": "*"
},"Action": [
"s3:CreateBucket","s3:DeleteBucket","s3:Get*","s3:List*","s3:GetEncryptionConfiguration","s3:PutEncryptionConfiguration","s3:PutBucketPolicy"
],"Resource": [
"arn:aws:s3:::notification-service*"
]
},"Action": [
"s3:*"
],"Resource": [
"arn:aws:s3:::notification-service*/*"
]
},"Action": [
"logs:DescribeLogGroups"
],"Resource": "arn:aws:logs:sa-east-1:XXXXXXX:log-group::log-stream:*"
},{
"Action": [
"logs:CreateLogGroup","logs:CreateLogStream","logs:DeleteLogGroup","logs:DeleteLogStream","logs:DescribeLogStreams","logs:FilterLogEvents"
],"Resource": "arn:aws:logs:sa-east-1:XXXXXXX:log-group:/aws/lambda/notification-service*:log-stream:*","Effect": "Allow"
},"Action": [
"lambda:GetFunction","lambda:CreateFunction","lambda:DeleteFunction","lambda:UpdateFunctionConfiguration","lambda:UpdateFunctionCode","lambda:ListVersionsByFunction","lambda:PublishVersion","lambda:Createalias","lambda:Deletealias","lambda:Updatealias","lambda:GetFunctionConfiguration","lambda:AddPermission","lambda:RemovePermission","lambda:InvokeFunction"
],"Resource": [
"arn:aws:lambda:*:XXXXXXX:function:notification-service*"
]
},"Action": [
"iam:GetRole","iam:PassRole","iam:CreateRole","iam:DeleteRole","iam:DetachRolePolicy","iam:PutRolePolicy","iam:AttachRolePolicy","iam:DeleteRolePolicy"
],"Resource": [
"arn:aws:iam::XXXXXXX:role/notification-service*-lambdaRole"
]
},"Action": [
"events:Put*","events:Remove*","events:Delete*","events:Describe*"
],"Resource": "arn:aws:events::XXXXXXX:rule/notification-service*"
},"Action": [
"sns:GetTopicAttributes","sns:Createtopic","sns:Publish","sns:Subscribe","sns:Deletetopic","sns:ListSubscriptions","sns:ListPlatformApplications","sns:ListTopics","sns:ListTagsForResource"
],"Resource": [
"arn:aws:sns:sa-east-1:XXXXXXX:*"
]
},"Action": [
"apigateway:GET","apigateway:PATCH","apigateway:POST","apigateway:PUT","apigateway:DELETE"
],"Resource": [
"arn:aws:apigateway:sa-east-1::/restapis","arn:aws:apigateway:sa-east-1::/restapis/*"
]
},"Action": [
"lambda:ListFunctions"
],"Resource": [
"arn:aws:lambda:sa-east-1:XXXXXXX:*:*"
]
},"Action": [
"lambda:GetAccountSettings"
],"Resource": [
"arn:aws:lambda:sa-east-1:XXXXXXX:*:*"
]
}
]
}
有什么主意吗?我应该去哪里看看?
编辑:在JSON的末尾,我放置了我认为可以使我看到Lambda函数的策略:
"Effect": "Allow","Action": [
"lambda:ListFunctions"
],"Resource": [
"arn:aws:lambda:sa-east-1:XXXXXXX:*:*"
]
但是不起作用。
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)