AWS IAM 自定义策略
AWS IAM CustomPolicy
我创建了一个自定义托管 AWS IAM 策略,如下所示:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmt1567509959500",
"Action": [
"codecommit:DeleteBranch",
"codecommit:GitPush",
"codecommit:MergeBranchesByFastForward",
"codecommit:MergeBranchesBySquash",
"codecommit:MergeBranchesByThreeWay",
"codecommit:MergePullRequestByFastForward",
"codecommit:MergePullRequestBySquash",
"codecommit:MergePullRequestByThreeWay",
"codecommit:PutFile"
],
"Effect": "Deny",
"Resource": [
"arn:aws:codecommit:us-east-1:420843264582:ui-repos",
"arn:aws:codecommit:us-east-1:420843264582:API-repos"
],
"Condition": {
"StringEquals": {
"codecommit:References": "refs/heads/master"
}
}
}
]
}
但是当 Git 推送到任何分支时,应用此策略的任何用户都会收到 403。
I want users to create branches, allow all operations on other branches except the master branch.
谢谢!
如果这就是全部(你真的把 json 放在了问题里面 - 为什么是外部 link?),那么你只有一个拒绝声明,没有任何东西可以授予你的用户任何权利代码提交。
我创建了一个自定义托管 AWS IAM 策略,如下所示:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmt1567509959500",
"Action": [
"codecommit:DeleteBranch",
"codecommit:GitPush",
"codecommit:MergeBranchesByFastForward",
"codecommit:MergeBranchesBySquash",
"codecommit:MergeBranchesByThreeWay",
"codecommit:MergePullRequestByFastForward",
"codecommit:MergePullRequestBySquash",
"codecommit:MergePullRequestByThreeWay",
"codecommit:PutFile"
],
"Effect": "Deny",
"Resource": [
"arn:aws:codecommit:us-east-1:420843264582:ui-repos",
"arn:aws:codecommit:us-east-1:420843264582:API-repos"
],
"Condition": {
"StringEquals": {
"codecommit:References": "refs/heads/master"
}
}
}
]
}
但是当 Git 推送到任何分支时,应用此策略的任何用户都会收到 403。
I want users to create branches, allow all operations on other branches except the master branch.
谢谢!
如果这就是全部(你真的把 json 放在了问题里面 - 为什么是外部 link?),那么你只有一个拒绝声明,没有任何东西可以授予你的用户任何权利代码提交。