AWS格式错误的政策错误 [英] AWS malformed policy error

问题描述

我试图像这样通过AWS CLI设置AWS组策略:

I am trying to set an AWS group policy via the AWS CLI like so:

aws iam put-group-policy --group-name my-group --policy-name \
    s3-full-access --policy-document /tmp/policy.json

这是/tmp/policy.json的内容:

This is the content of /tmp/policy.json:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": [
        "s3:ListAllMyBuckets"
      ],
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::*"
    },
    {
      "Action": "s3:*",
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::my-bucket*"
    }
  ]
}

我一直收到以下错误:

A client error (MalformedPolicyDocument) occurred when calling the PutGroupPolicy operation: The policy is not in the valid JSON format.

我不知道该如何进行，该错误过于具体.有人能帮忙吗?

I do not know how to proceed, the error is too unspecific. Anyone able to help?

推荐答案

解决了这个难题！

必须是策略文件名前面的file://前缀:

There has to be a file:// prefix in front of the policy file name:

aws iam put-group-policy --group-name my-group --policy-name s3-full-access --policy-document file:///tmp/policy.json

原始错误消息非常容易引起误解，因为如果提供的文件名根本不存在，则您会得到相同的消息.

The original error message is very misleading, as you get the same message if you provide a filename that does not exist at all.

所以它不是文件中的策略语法，而是 CLI根本看不到文件的事实，会导致错误.

So it is not the syntax of the policy in the file but the fact that the CLI does not see the file at all, that causes the error.

这篇关于AWS格式错误的政策错误的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！