AWS 策略必须包含有效的版本字符串

我得到了错误“这个策略包含以下错误: 策略必须包含一个有效的版本字符串，以获得关于 IAM 策略语法的更多信息”，即使在尝试在 AWS 中创建新策略时，我在策略中包含了版本。我的原则是

{
"Version": "2015-06-19",
"Statement": [
{
"Effect": "Allow",
"Action": "s3:*",
"Resource": [
"arn:aws:s3:::repo.com",
"arn:aws:s3:::repo.com/*"
]
}
]
}

38694 次浏览

小开

最佳答案

It seems like Version is not the version of the policy that I am going to create but a set version number by AWS.

As stated by AWS documentation, version can be:

( version_block = "Version" : ("2008-10-17" | "2012-10-17")

So, I changed it to 2012-10-17 and the policy is accepted.

小开

According to https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html#Version:

“The Version element must appear before the Statement element. The only allowed values are these:

2012-10-17. This is the current version of the policy language, and you should use this version number for all policies.
2008-10-17. This was an earlier version of the policy language. You might see this version on existing policies. Do not use this version for any new policies or any existing policies that you are updating.”

小开

You can also generate your own policy using generate policy option that you can find in the bottom of Bucket Policy tab

When you click on this option you will be redirected to below-mentioned URL:

https://awspolicygen.s3.amazonaws.com/policygen.html

小开

I got this error using the Serverless framework.

I had Version: 2012-10-17 which was getting transformed to "Version": "2012-10-17T00:00:00.000Z"

Version: "2012-10-17" fixed it.