官术网_书友最值得收藏!

How to do it...

Let's get started with that, and perform the following operations:

  1. First of all, let's create a custom policy where we will give the restriction definition.
  2. Go to IAM Console and click on the Policies section. Then, click on Create Policy:
  3. Click on Create Your Own Policy:
  1. You will be redirected to another page where you have to fill in the Policy Name, a description of the policy, and a policy document. The policy document will be the definition, where we will mention the resources and actions:
  1. Insert the following policy definition (x60xxxxxxx39 will be basically your account ID):
    {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"codecommit:GitPull",
"codecommit:GitPush"
],
"Resource": "arn:aws:codecommit:us-east-1:x60xxxxxxx39:HelloWorld"
}
]
}
  1. Click on Create Policy; then we will have our own custom policy:
  2. Now, let's remove the AWSCodeCommitPowerUser access from the IAM user that we created to clone the repository by clicking on x:
  1. Click on Add permissionsafter that click on Attach Existing Policies Directly and search for Policy name in filter, check that, and save it:

  1. We will have a user with only our custom policy, which means the user will only have access to the HelloWorld repository and only two actions, git push and git clone:
    awsstar@awsstar:~$ aws codecommit list-repositories
An error occurred (AccessDeniedException) when calling the ListRepositories operation: User: arn:aws:iam::16xxxxxx139:user/awsccuser is not authorized to perform: codecommit:ListRepositories

The preceding command output shows AccessDeniedException, that is, awsccuser is not authorized to perform codecommit:ListRepositories. The reason for this is we have given access to only two operations or actions: git push and git clone.

主站蜘蛛池模板: 墨玉县| 辰溪县| 盘锦市| 甘孜| 周口市| 徐水县| 当涂县| 樟树市| 四会市| 慈溪市| 兴隆县| 铁岭市| 铜川市| 郴州市| 英德市| 兴和县| 榆中县| 连云港市| 泊头市| 鄂托克旗| 海阳市| 西盟| 兰坪| 天峻县| 温州市| 无棣县| 宜丰县| 隆安县| 太和县| 旌德县| 绥芬河市| 临江市| 鸡西市| 黄骅市| 武强县| 新竹市| 安化县| 西乌珠穆沁旗| 社会| 关岭| 抚顺市|