amazon web services - AWS IAM Policy to Allow User Access to A Single Elastic Transcoder Pipeline -
i have user policy allows users access specific s3 bucket assigned. functions perfectly. however, need append instructions policy grant user access elastic transcoder pipeline has been created them. i've tried following instructions here, policy keeps failing. i'm new iam policy syntax, , use hand. see examples below:
functional policy in place:
{ "statement": [ { "effect": "allow", "notaction": [ "s3:createbucket", "s3:deletebucket" ], "resource": "arn:aws:s3:::org-b-bucket", "condition": {} }, { "effect": "allow", "action": "s3:*", "resource": "arn:aws:s3:::org-b-bucket/*", "condition": {} }, { "effect": "allow", "action": "s3:listallmybuckets", "resource": "*", "condition": {} } ] }
edited policy trying add permissions (dummy account info inserted):
{ "statement": [ { "effect": "allow", "notaction": [ "s3:createbucket", "s3:deletebucket" ], "resource": "arn:aws:s3:::org-b-bucket", "condition": {} }, { "effect": "allow", "action": "s3:*", "resource": "arn:aws:s3:::org-b-bucket/*", "condition": {} }, { "effect": "allow", "action": "s3:listallmybuckets", "resource": "*", "condition": {} }, { "effect":"allow", "action":[ "elastictranscoder:list*", "elastictranscoder:read*", "elastictranscoder:createjob" ], "resource":[ "arn:aws:elastictranscoder:us-east-1:123456789123:pipeline/1234567891234-qwerty", "arn:aws:elastictranscoder:us-east-1:123456789123:job/*" ] } ] }
Comments
Post a Comment