本文介绍了Cloudformation存储桶策略-“声明缺少必需元素”的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我有要部署到CloudFormation的S3存储桶和策略。
I have this S3 Bucket and Policy that I am deploying to CloudFormation.
Resources:
ReportsBucket:
Type: AWS::S3::Bucket
BucketPolicy:
Type: AWS::S3::BucketPolicy
Properties:
Bucket: !Ref ReportsBucket
PolicyDocument:
Id: ReportPolicy
Version: "2012-10-17"
Statement:
- Sid: ReportBucketPolicyDoc
Effect: Allow
Action: "s3:*"
Principal:
AWS: !Join ['', ["arn:aws:iam::", !Ref "AWS::AccountId", ":root"]]
Resource: !Join ['', ['arn:aws:s3:::', !Ref S3Bucket, '/*']]
失败,
UPDATE_ROLLBACK_IN_PROGRESS AWS::CloudFormation::Stack {my stack name} The following resource(s) failed to create: [BucketPolicy].
CREATE_FAILED AWS::S3::BucketPolicy BucketPolicy Statement is missing required element
出了什么问题我的政策?
What's wrong with my policy?
推荐答案
它有两个问题:
- 第一行中缺少
AWSTemplateFormatVersion(必需元素) - 对
S3Bucket应该是ReportsBucket
- Missing
AWSTemplateFormatVersionon the first line (the required element) - Reference to
S3Bucketthat should beReportsBucket
更新版本:
AWSTemplateFormatVersion: 2010-09-09
Resources:
ReportsBucket:
Type: AWS::S3::Bucket
BucketPolicy:
Type: AWS::S3::BucketPolicy
Properties:
Bucket: !Ref ReportsBucket
PolicyDocument:
Id: ReportPolicy
Version: "2012-10-17"
Statement:
- Sid: ReportBucketPolicyDoc
Effect: Allow
Action: "s3:*"
Principal:
AWS: !Join ['', ["arn:aws:iam::", !Ref "AWS::AccountId", ":root"]]
Resource: !Join ['', ['arn:aws:s3:::', !Ref ReportsBucket, '/*']]
这篇关于Cloudformation存储桶策略-“声明缺少必需元素”的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!