반응형
AWS IAM Policy - lambda edge
■ 설명
lambda edge를 사용하기 위해서 lambda에 등록해야 하는 policy
■ 코드
{
"Statement": [
{
"Action": "logs:CreateLogGroup",
"Effect": "Allow",
"Resource": "arn:aws:logs:us-east-1:123456789012:*"
},
{
"Action": [
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Effect": "Allow",
"Resource": [
"arn:aws:logs:us-east-1:123456789012:log-group:/aws/lambda/*:*"
]
},
{
"Action": [
"iam:CreateServiceLinkedRole",
"lambda:GetFunction",
"lambda:EnableReplication",
"cloudfront:UpdateDistribution",
"s3:GetObject",
"s3:PutObject",
"s3:PutObjectAcl",
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents",
"logs:DescribeLogStreams"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
}
by mkdir-chandler
728x90
반응형
'Ops > AWS' 카테고리의 다른 글
AWS IAM Policy - GameGuard default (0) | 2023.09.05 |
---|---|
AWS IAM Policy - user MFA (0) | 2023.09.04 |
AWS IAM Policy - file download from S3 on EC2 (0) | 2023.09.02 |
AWS IAM Policy - CloudWatch log to S3 (0) | 2023.09.01 |
AWS IAM Policy - EC2 monitoring on CloudWatch (0) | 2023.08.31 |