rga*_*aut 2 amazon-web-services amazon-iam
I am trying to create an IAM role with AWS managed policy, however it asks me for policy document.
aws iam create-role --role-name test-role
usage: aws [options] <command> <subcommand> [<subcommand> ...] [parameters]
To see help text, you can run:
aws help
aws <command> help
aws <command> <subcommand> help
aws: error: argument --assume-role-policy-document is required
I am trying to attach an aws managed policy like AWSLambdaFullAccess
信任策略定义了哪些主体实体(帐户、用户、角色和联合用户)可以承担该角色。每个 IAM 角色都需要信任策略。
通过 CLI 创建角色时,您必须指定信任策略。之后可以使用attach-role-policy或put-role-policy命令将基于身份的策略(托管/内联)附加到角色。
以下信任策略允许 Lambda 服务承担此角色。您必须提供此文件作为命令 usingassume-role-policy-document选项的输入。
信任策略.json
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "",
"Effect": "Allow",
"Principal": {
"Service": "lambda.amazonaws.com"
},
"Action": "sts:AssumeRole"
}
]
}
aws iam create-role --role-name Test-Role --assume-role-policy-document file://trust-policy.json
aws iam attach-role-policy --policy-arn arn:aws:iam::aws:policy/AWSLambdaFullAccess --role-name Test-Role
| 归档时间: |
|
| 查看次数: |
1462 次 |
| 最近记录: |