AWS CLI:描述没有 "p-" 前缀的策略
AWS CLI: Describing a Policy Without "p-" Prefix
我正在尝试使用 AWS CLI 来描述我的 AWS 策略。但是,AWS 似乎无法识别 policy-id。
我已经执行了这个:
aws iam get-policy --policy-arn arn:aws:iam::160936793253:policy/MyAWSPolicy
并返回以下内容:
{
"Policy": {
"PolicyName": "MyAWSPolicy",
"PolicyId": "ANPAIIJNOIYOWCAK6KH7I",
"Arn": "arn:aws:iam::160936796653:policy/MyAWSPolicy",
"Path": "/",
"DefaultVersionId": "v8",
"AttachmentCount": 2,
"IsAttachable": true,
"CreateDate": "2019-03-20T20:20:26Z",
"UpdateDate": "2019-04-01T18:19:08Z"
}
}
但是当我输入这个命令时:
aws organizations describe-policy --policy-id ANPAIIJNOIYOWCAK6KH7I
我收到 InvalidInputException,因为根据 AWS 文档 (https://docs.aws.amazon.com/cli/latest/reference/organizations/describe-policy.html#examples):
The unique identifier (ID) of the policy that you want details about. You can get the ID from the ListPolicies or ListPoliciesForTarget operations.
The regex pattern for a policy ID string requires "p-" followed by from 8 to 128 lower-case letters or digits.
然而,当我将 p- 添加到 ANPAIIJNOIYOWCAK6KH7I 时,AWS 无法识别此策略。
知道发生了什么吗?
您参考的文档建议您从 ListPolicies or ListPoliciesForTarget operations, which is likely referencing the operations on the organizations service 获取策略 ID。您获取的 ID 来自 IAM 策略。
我不完全熟悉 IAM 和组织之间的交互,但我想他们正在使用具有不同标识符的不同策略对象。
我正在尝试使用 AWS CLI 来描述我的 AWS 策略。但是,AWS 似乎无法识别 policy-id。
我已经执行了这个:
aws iam get-policy --policy-arn arn:aws:iam::160936793253:policy/MyAWSPolicy
并返回以下内容:
{
"Policy": {
"PolicyName": "MyAWSPolicy",
"PolicyId": "ANPAIIJNOIYOWCAK6KH7I",
"Arn": "arn:aws:iam::160936796653:policy/MyAWSPolicy",
"Path": "/",
"DefaultVersionId": "v8",
"AttachmentCount": 2,
"IsAttachable": true,
"CreateDate": "2019-03-20T20:20:26Z",
"UpdateDate": "2019-04-01T18:19:08Z"
}
}
但是当我输入这个命令时:
aws organizations describe-policy --policy-id ANPAIIJNOIYOWCAK6KH7I
我收到 InvalidInputException,因为根据 AWS 文档 (https://docs.aws.amazon.com/cli/latest/reference/organizations/describe-policy.html#examples):
The unique identifier (ID) of the policy that you want details about. You can get the ID from the ListPolicies or ListPoliciesForTarget operations.
The regex pattern for a policy ID string requires "p-" followed by from 8 to 128 lower-case letters or digits.
然而,当我将 p- 添加到 ANPAIIJNOIYOWCAK6KH7I 时,AWS 无法识别此策略。
知道发生了什么吗?
您参考的文档建议您从 ListPolicies or ListPoliciesForTarget operations, which is likely referencing the operations on the organizations service 获取策略 ID。您获取的 ID 来自 IAM 策略。
我不完全熟悉 IAM 和组织之间的交互,但我想他们正在使用具有不同标识符的不同策略对象。