我在AWS上使用策略生成器创建了一个新策略。我正在尝试使用该策略创建密钥,但遇到以下错误:
"" BypassPolicyLockoutSafetyCheck = False File "C:\Users\AppData\Local\Programs\Python\Python35-32\lib\site-packages\botocore\client.py", line 253, in _api_call return self._make_api_call(operation_name, kwargs) File "C:\Users\AppData\Local\Programs\Python\Python35-32\lib\site-packages\botocore\client.py", line 543, in _make_api_call raise error_class(parsed_response, operation_name) botocore.errorfactory.MalformedPolicyDocumentException: An error occurred (MalformedPolicyDocumentException) when calling the CreateKey operation: ""
我已经验证了key的格式,我知道在语法上没有问题。政策如下:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmt1489675746111",
"Effect": "Allow",
"Action": [
"workspaces:*"
],
"Resource": [
"*"
]
},
{
"Sid": "Stmt1489675786111",
"Effect": "Allow",
"Action": [
"kms:CreateAlias",
"kms:CreateGrant",
"kms:CreateKey",
"kms:Decrypt",
"kms:DeleteAlias",
"kms:DescribeKey",
"kms:EnableKey",
"kms:Encrypt",
"kms:GenerateDataKey",
"kms:GetKeyPolicy",
"kms:ListAliases",
"kms:ListGrants",
"kms:ListKeyPolicies",
"kms:ListKeys",
"kms:PutKeyPolicy"
],
"Resource": [
"*"
]
},
{
"Sid": "Stmt1489675858111",
"Effect": "Allow",
"Action": [
"iam:CreatePolicy",
"iam:CreatePolicyVersion",
"iam:DeletePolicy",
"iam:DeletePolicyVersion",
"iam:GetPolicy",
"iam:GetPolicyVersion"
],
"Resource": [
"*"
]
}
]}
我使用python创建密钥。如果我使用默认策略,那么我可以创建策略。有人知道这件事吗?一些实时的例子?我查阅了aws文档,但是没有找到任何与awscli相关的好例子。在
^{pr2}$
目前没有回答
相关问题 更多 >
编程相关推荐