aws-codecommit - 尽管分配了 AWSCodeCommitFullAccess 策略,但仍无法访问 AWS CodeCommit
问题描述
我的管理员已为我分配了托管AWSCodeCommitFullAccess
策略,但我仍然无法访问 CodeCommit 服务,当我在用户下展开策略时,我看到以下消息:
该政策如下所示:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"codecommit:*"
],
"Resource": "*"
},
{
"Sid": "CloudWatchEventsCodeCommitRulesAccess",
"Effect": "Allow",
"Action": [
"events:DeleteRule",
"events:DescribeRule",
"events:DisableRule",
"events:EnableRule",
"events:PutRule",
"events:PutTargets",
"events:RemoveTargets",
"events:ListTargetsByRule"
],
"Resource": "arn:aws:events:*:*:rule/codecommit*"
},
{
"Sid": "SNSTopicAndSubscriptionAccess",
"Effect": "Allow",
"Action": [
"sns:CreateTopic",
"sns:DeleteTopic",
"sns:Subscribe",
"sns:Unsubscribe",
"sns:SetTopicAttributes"
],
"Resource": "arn:aws:sns:*:*:codecommit*"
},
{
"Sid": "SNSTopicAndSubscriptionReadAccess",
"Effect": "Allow",
"Action": [
"sns:ListTopics",
"sns:ListSubscriptionsByTopic",
"sns:GetTopicAttributes"
],
"Resource": "*"
},
{
"Sid": "LambdaReadOnlyListAccess",
"Effect": "Allow",
"Action": [
"lambda:ListFunctions"
],
"Resource": "*"
},
{
"Sid": "IAMReadOnlyListAccess",
"Effect": "Allow",
"Action": [
"iam:ListUsers"
],
"Resource": "*"
},
{
"Sid": "IAMReadOnlyConsoleAccess",
"Effect": "Allow",
"Action": [
"iam:ListAccessKeys",
"iam:ListSSHPublicKeys",
"iam:ListServiceSpecificCredentials",
"iam:ListAccessKeys",
"iam:GetSSHPublicKey"
],
"Resource": "arn:aws:iam::*:user/${aws:username}"
},
{
"Sid": "IAMUserSSHKeys",
"Effect": "Allow",
"Action": [
"iam:DeleteSSHPublicKey",
"iam:GetSSHPublicKey",
"iam:ListSSHPublicKeys",
"iam:UpdateSSHPublicKey",
"iam:UploadSSHPublicKey"
],
"Resource": "arn:aws:iam::*:user/${aws:username}"
},
{
"Sid": "IAMSelfManageServiceSpecificCredentials",
"Effect": "Allow",
"Action": [
"iam:CreateServiceSpecificCredential",
"iam:UpdateServiceSpecificCredential",
"iam:DeleteServiceSpecificCredential",
"iam:ResetServiceSpecificCredential"
],
"Resource": "arn:aws:iam::*:user/${aws:username}"
}
]
}
我不确定该策略有什么问题,因为它具有所需的所有参数(效果、操作和资源)。而且这个注释没有意义:
此策略定义了一些不提供权限的操作、资源或条件。要授予访问权限,策略必须具有具有适用资源或条件的操作
解决方案
请问您在访问 CodeCommit 服务时遇到了什么错误信息?您是否使用 AWS CLI 访问 CodeCommit?您是否使用了正确的安全凭证(AccessKey 和密钥)?以下文档是如何设置与 AWS CodeCommit 存储库的 HTTPS 连接,这可能会有所帮助
谢谢
推荐阅读
- django - 通过电子邮件 django 发送 HTML 模板
- jsf - 当文本文件有前导空格时,上传文件 ricefaces 失败
- java - 如何为瑞典帐号生成 IBAN
- jquery - 需要有关 jquery ajax 的建议
- python - 使用 Excel 或 Python 求解器自动安排解决方案
- javafx - JavaFX TableView 数据格式化
- cql - 在 CQL 中查询日期
- oracle - 如何从 Amazon RDS 导出和导入架构 Oracle
- javascript - 如何使用 javascript 中的 moment.js / Date 将 EST 时间数据转换为本地时间
- javascript - React beautiful dnd 与 Material UI 列表的问题