gpt4 book ai didi

amazon-web-services - 如何使用 Sparkleformation 创建 IAM 策略?

转载 作者:行者123 更新时间:2023-12-03 07:45:36 26 4
gpt4 key购买 nike

我正在尝试使用sparkleformation创建 IAM 策略,但我不知道要调用什么动态,并且不确定我的模板格式是否正确。 Sparkleformation还几乎没有提供任何错误消息,这只会让调试变得更加困难。

这是我想在 Sparkleformation 中创建的策略

{
"Version": "2010-09-09",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:Get*",
"s3:List*",
"ec2:*"
],
"Resource": [
"*"
]
}
]
}

这是我当前创建此模板的模板

SparkleFormation.new(:my_policy, :provider => :aws) do
AWSTemplateFormatVersion '2010-09-09'
description 'my policy'

dynamic!(:aws_iam_policy, :test_group) do
properties do
policies array!(
-> {
policy_name "mypolicy"
policy_document do
version "2012-10-17"
statement do
effect "Allow"
resource "*"
action array!(
"s3:Get*",
"s3:List*",
"ec2:*"
)
end
end
}
)
end
end
end

运行此命令会出现以下错误:

$ bundle exec sfn create test --file sparkleformation/templates/my-policy.rb 
[Sfn]: Callback template stack_policy: starting
[Sfn]: Callback template stack_policy: complete
[Sfn]: SparkleFormation: create
[Sfn]: -> Name: test
[Sfn]: Events for Stack: test
Time Resource Logical Id Resource Status Resource Status Reason
2017-11-08 20:36:24 UTC test CREATE_IN_PROGRESS User Initiated
2017-11-08 20:36:28 UTC TestGroupIamPolicy CREATE_FAILED Encountered unsupported property Policies
2017-11-08 20:36:29 UTC test CREATE_FAILED The following resource(s) failed to create: [TestGroupIamPolicy].
[FATAL]: Create of new stack test: FAILED
ERROR: RuntimeError: Stack did not reach a successful completion state.

最佳答案

这是正确的结构。请注意,与角色或组不同,您不设置策略数组,而仅设置文档。此外,策略不能单独创建,它必须通过在角色、组和/或用户数组中设置至少一个值来附加到某些内容:

SparkleFormation.new(:my_policy, :provider => :aws) do
AWSTemplateFormatVersion '2010-09-09'
description 'my policy'

dynamic!(:aws_iam_policy, :test_group) do
# at least one of these must be set roles, groups, users
roles array!(
"role1",
"other-role"
)

users array!(
"myuser"
)

policy_name "mypolicy"
policy_document do
version "2012-10-17"
statement do
effect "Allow"
resource "*"
action array!(
"s3:Get*",
"s3:List*",
"ec2:*"
)
end
end

end
end

关于amazon-web-services - 如何使用 Sparkleformation 创建 IAM 策略?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/47189386/

26 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com