Amazon web services AWS RDS访问策略不工作
我已经编写了一个自定义aws策略,将特定RDS实例的所有访问权授予用户,但它给出了以下错误:Amazon web services AWS RDS访问策略不工作,amazon-web-services,amazon-iam,rds,Amazon Web Services,Amazon Iam,Rds,我已经编写了一个自定义aws策略,将特定RDS实例的所有访问权授予用户,但它给出了以下错误: User: arn:aws:iam::*******:user/dev-testrds-access is not authorized to perform: rds:DescribeDBInstances (Service: AmazonRDS; Status Code: 403; Error Code: AccessDenied; Request ID: ) AWS政策: { "Version"
User: arn:aws:iam::*******:user/dev-testrds-access is not authorized to perform: rds:DescribeDBInstances (Service: AmazonRDS; Status Code: 403; Error Code: AccessDenied; Request ID: )
AWS政策:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AllowRDSDescribe",
"Effect": "Allow",
"Action": "rds:Describe*",
"Resource": "arn:aws:rds:ap-southeast-1:********db:test-db*"
}
]
}
但是当我提到“资源”:“*”它是有效的。我不知道我错在哪里。我想为特定实例提供访问权限,而不是所有instance。在这方面可以提供帮助为什么在
测试数据库
之后,资源末尾有一个*
?RDS ARN的格式是ARN:aws:RDS:region:account id:db:db实例名
。您是否缺少帐户id和db
之间的冒号?