Warning: file_get_contents(/data/phpspider/zhask/data//catemap/0/search/2.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
AWS CDK Python中的IAM角色条件_Python_Amazon Web Services_Amazon Iam_Aws Cdk - Fatal编程技术网
Fatal编程技术网
  • python/
  • AWS CDK Python中的IAM角色条件

AWS CDK Python中的IAM角色条件

python amazon-web-services

AWS CDK Python中的IAM角色条件,python,amazon-web-services,amazon-iam,aws-cdk,Python,Amazon Web Services,Amazon Iam,Aws Cdk,我正在创建一个新的IAM角色自定义策略,但它执行了回滚,原因是:格式错误的策略文档 myrole=iam.Role(self,配置['CUSTOM_POLICY']['Role'], 假设_by=iam.ServicePrincipal('ec2.amazonaws.com'), role_name=config['CUSTOM_POLICY']['name'] ) myrole.add_到_策略( iam.policy声明( 效果=iam.effect.ALLOW, resources=['

我正在创建一个新的IAM角色自定义策略,但它执行了回滚,原因是:
格式错误的策略文档


myrole=iam.Role(self,配置['CUSTOM_POLICY']['Role'],
假设_by=iam.ServicePrincipal('ec2.amazonaws.com'),
role_name=config['CUSTOM_POLICY']['name']
)
myrole.add_到_策略(
iam.policy声明(
效果=iam.effect.ALLOW,
resources=['arn:aws:s3:::MyBucket/*'],
行动=[
's3:CreateBucket',
“s3:GetObject”,
's3:ListBucket',
's3:PutObject'
],
条件=[
{
“aws:SourceIp”:“192.10.10.10/32”
}
]
)
)
如果我删除了它有效的条件,那么考虑条件的正确语法是什么?

看起来您忽略了条件。您是否正在寻找类似于:

条件=[
{
“NotIpAddress”:{
“aws:SourceIp”:[“192.10.10.10/32”]
}
}
]