AWS 无服务器框架:创建 IAM 角色和策略时出现 MalformedPolicyDocument 错误
AWS Serverless Framework : MalformedPolicyDocument Error while creating IAM Role and Policy
我正在尝试通过无服务器模板创建 IAM 角色和策略。
当我尝试部署它时,出现错误 -
An error occurred: SQSConnectPolicy - Syntax errors in policy.
(Service: AmazonIdentityManagement; Status Code: 400; Error Code:
MalformedPolicyDocument
这是我的 serverless.yml 文件的片段
SQSConnectRole:
Type: 'AWS::IAM::Role'
Properties:
RoleName: SqSConnectRole
AssumeRolePolicyDocument:
Version: '2012-10-17'
Statement:
- Action:
- 'sts:AssumeRole'
Effect: Allow
Principal:
Service:
- iot.amazonaws.com
Path: /service-role/
SQSConnectPolicy:
Type: 'AWS::IAM::Policy'
Properties:
PolicyName: SqSConnectPolicy
Roles:
- !Ref SQSConnectRole
PolicyDocument:
Version: 2012-10-17
Statement:
- Effect: Allow
Action: 'sqs:SendMessage'
Resources:
- arn:aws:sqs:${self:provider.region}:#{AWS::AccountId}:connectDeviceSQSDemo
在同一 Serverless.yml 文件中创建策略和角色是否有效?
需要添加依赖吗?对上述问题有任何输入吗?
您的 IAM 政策中有错字。单词 Resources 应更改为 Resource。
我正在尝试通过无服务器模板创建 IAM 角色和策略。
当我尝试部署它时,出现错误 -
An error occurred: SQSConnectPolicy - Syntax errors in policy. (Service: AmazonIdentityManagement; Status Code: 400; Error Code: MalformedPolicyDocument
这是我的 serverless.yml 文件的片段
SQSConnectRole:
Type: 'AWS::IAM::Role'
Properties:
RoleName: SqSConnectRole
AssumeRolePolicyDocument:
Version: '2012-10-17'
Statement:
- Action:
- 'sts:AssumeRole'
Effect: Allow
Principal:
Service:
- iot.amazonaws.com
Path: /service-role/
SQSConnectPolicy:
Type: 'AWS::IAM::Policy'
Properties:
PolicyName: SqSConnectPolicy
Roles:
- !Ref SQSConnectRole
PolicyDocument:
Version: 2012-10-17
Statement:
- Effect: Allow
Action: 'sqs:SendMessage'
Resources:
- arn:aws:sqs:${self:provider.region}:#{AWS::AccountId}:connectDeviceSQSDemo
在同一 Serverless.yml 文件中创建策略和角色是否有效?
需要添加依赖吗?对上述问题有任何输入吗?
您的 IAM 政策中有错字。单词 Resources 应更改为 Resource。