alert-crayon-18838
03/11/2022, 2:00 AMbored-table-20691
03/11/2022, 2:02 AMalert-crayon-18838
03/11/2022, 2:05 AMimportant-appointment-55126
03/11/2022, 2:44 AMPolicy: policy.New("my-policy",
policy.Statement("statement-one",
policy.Effect(policy.Allow),
policy.Action(
"s3:GetObject",
"s3:PutObject",
),
policy.Principal("AWS",
"arn:aws:iam::12345:root",
),
policy.Resource(
pulumi.Sprintf("%s/*", bucketArn),
),
),
).ToStringOutput(),
alert-crayon-18838
03/11/2022, 3:03 AMimportant-appointment-55126
03/11/2022, 3:07 AMbored-table-20691
03/11/2022, 3:14 AMsource, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
Statements: []iam.GetPolicyDocumentStatement{
// Allow AssumeRole - we allow to assume any role,
// but that role will have to have been granted permissions
// to be assumable by this role.
{
Actions: []string{
"sts:AssumeRole",
},
Resources: []string{
"*",
},
Effect: &allow,
},
// Some base bucket policies
{
Actions: []string{
"s3:HeadBucket",
},
Resources: []string{
bucketArn,
},
Effect: &allow,
},important-appointment-55126
03/11/2022, 3:15 AMbored-table-20691
03/11/2022, 3:48 AMimportant-appointment-55126
03/11/2022, 3:50 AMbored-table-20691
03/11/2022, 3:56 AMbillowy-army-68599
03/11/2022, 4:31 PM