Home > Blockchain >  Error while creating resource based policy
Error while creating resource based policy

Time:10-12

Trying to create a resource-based policy and specifying a group as principal but it is failing,

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::<acc_number>:group/dev-group"
            },
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::<bucket>/text.txt"
        }
    ]
}

It fails with error:

enter image description here

CodePudding user response:

This is not possible, per AWS documentation.

You can specify any of the following principals in a policy:

  • AWS account and root user
  • IAM users
  • Federated users (using web identity or SAML federation)
  • IAM roles
  • Assumed-role sessions
  • AWS services
  • Anonymous users (not recommended)

JSON policy documentation

AWS support forum

Page link:https//www.codepudding.com/Blockchain/149440.html

Prev:Why am I getting a "Reference to undeclared resource" error when trying to set a security
Next:Single NAT Gateway with multiple public IPs
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding