繼cloudformation模板提供了第9行錯誤:附加政策的IAM角色
{
"AWSTemplateFormatVersion" : "2010-09-09",
"Description" : "Policy to allow send receive message from SQS Queue",
"Resources" : {
"MyPolicy" : {
"Type" : "AWS::IAM::Policy",
"Properties" : {
"PolicyName" : "CFUsers",
"Roles": [ { "arn:aws:iam::710161973367:role/Cognito_CFIAuth_Role" } ],
"PolicyDocument" : {
"Version" : "2012-10-17",
"Statement": [
{
"Sid": "Sid1482400105445",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::710161973367:role/Cognito_CFIAuth_Role"
},
"Action": [
"SQS:SendMessage",
"SQS:ReceiveMessage",
"SQS:DeleteMessage",
"SQS:GetQueueUrl"
],
"Resource": "arn:aws:sqs:ap-south-1:710161973367:CFI-Trace"
}
]
}
}
}
}
我想角色Cognito_CFIAuth_Role有消息發送/讀/刪除SQS隊列CFI-跟蹤previleges。我如何將SQS操作權限附加到IAM角色?
嚴格來說,從語法的角度來看,'[{「arn:aws:iam :: 710161973367:role/Cognito_CFIAuth_Role」}]的確是錯誤的,因爲它是一個包含帶有鍵但沒有值的對象的數組。 '''''''不正確。 –