官术网_书友最值得收藏!

  • AWS Automation Cookbook
  • Nikit Swaraj
  • 274字
  • 2021-07-02 23:00:40

How to do it...

Let's get started with that, and perform the following operations:

  1. First of all, let's create a custom policy where we will give the restriction definition.
  2. Go to IAM Console and click on the Policies section. Then, click on Create Policy:
  3. Click on Create Your Own Policy:
  1. You will be redirected to another page where you have to fill in the Policy Name, a description of the policy, and a policy document. The policy document will be the definition, where we will mention the resources and actions:
  1. Insert the following policy definition (x60xxxxxxx39 will be basically your account ID):
    {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"codecommit:GitPull",
"codecommit:GitPush"
],
"Resource": "arn:aws:codecommit:us-east-1:x60xxxxxxx39:HelloWorld"
}
]
}
  1. Click on Create Policy; then we will have our own custom policy:
  2. Now, let's remove the AWSCodeCommitPowerUser access from the IAM user that we created to clone the repository by clicking on x:
  1. Click on Add permissionsafter that click on Attach Existing Policies Directly and search for Policy name in filter, check that, and save it:

  1. We will have a user with only our custom policy, which means the user will only have access to the HelloWorld repository and only two actions, git push and git clone:
    awsstar@awsstar:~$ aws codecommit list-repositories
An error occurred (AccessDeniedException) when calling the ListRepositories operation: User: arn:aws:iam::16xxxxxx139:user/awsccuser is not authorized to perform: codecommit:ListRepositories

The preceding command output shows AccessDeniedException, that is, awsccuser is not authorized to perform codecommit:ListRepositories. The reason for this is we have given access to only two operations or actions: git push and git clone.

主站蜘蛛池模板: 牟定县| 岳阳市| 宁阳县| 富蕴县| 桓台县| 淮滨县| 阜新市| 双柏县| 长乐市| 开封市| 平潭县| 瓦房店市| 长海县| 大同市| 邯郸县| 宽城| 平凉市| 高要市| 桃园市| 新田县| 三门县| 乌兰浩特市| 黎川县| 溧水县| 精河县| 斗六市| 寿光市| 塘沽区| 酉阳| 衡南县| 和政县| 新民市| 恭城| 佛冈县| 竹溪县| 云安县| 隆化县| 中方县| 饶河县| 闸北区| 额济纳旗|