AWS CLI命令添加条件

问题描述 投票:0回答:1

我需要更改AWS Lambda的基于资源的策略。

我需要从以下位置更改:

{
  "Version": "2012-10-17",
  "Id": "default",
  "Statement": [
    {
      "Sid": "S3Events",
      "Effect": "Allow",
      "Principal": {
        "Service": "s3.amazonaws.com"
      },
      "Action": "lambda:InvokeFunction",
      "Resource": "arn:aws:lambda:eu-west-2:123456789123:function:Manage-configurator",
      "Condition": {
        "ArnLike": {
          "AWS:SourceArn": "arn:aws:s3:::managebucket"
        }
      }
    }
  ]
}

to

{
  "Version": "2012-10-17",
  "Id": "default",
  "Statement": [
    {
      "Sid": "S3Events",
      "Effect": "Allow",
      "Principal": {
        "Service": "s3.amazonaws.com"
      },
      "Action": "lambda:InvokeFunction",
      "Resource": "arn:aws:lambda:eu-west-2:123456789123:function:Manage-configurator",
      "Condition": {
    "StringEquals": {
        "AWS:SourceAccount": "123456789123"
    },
        "ArnLike": {
          "AWS:SourceArn": "arn:aws:s3:::managebucket"
        }
      }
    }
  ]
}

研究后我不确定如何在其中添加一个额外条件

amazon-web-services lambda command-line-interface
1个回答
0
投票

要在AWS中编辑策略,您只需提供一个全新的策略。没有支持修改的API。

© www.soinside.com 2019 - 2024. All rights reserved.