How do I create an IAM Principal for an account using AWS CDK for Java?

Question

I want to create a policy that looks like this (which will permit cross account access to a SNS topic):

{
  "Statement":[{
    "Effect":"Allow",
    "Principal":{
      "AWS":"111122223333"
    },
    "Action":"sns:Subscribe",
    "Resource":"arn:aws:sns:us-east-2:123456789012:MyTopic"
  }]
}

How do I create this using the Java CDK? I think I should be using AccountPrincipal but I can't find a class that seems relevant that has a public constructor.

myTopic.addToResourcePolicy(
    PolicyStatement.Builder
        .create()
        .actions(List.of("sns:Subscribe"))
        .effect(Effect.ALLOW)
        .resources(List.of("arn:aws:sns:us-east-2:123456789012:MyTopic"))
        .principals(List.of(  ...how do I create a principal here?... ))
        .build()
);

Answer 1

Score: 0

Use AccountRootPrincipal (which implements IPrincipal) like below:

List.of(new AccountRootPrincipal())
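
Added example (not part of the original question or answer) for the cross-account case in the question: `AccountPrincipal` has a public constructor that takes an account ID, while `AccountRootPrincipal` takes no argument and refers to the account the stack itself is deployed into. It assumes CDK v2 package names; the class name `CrossAccountTopicStack`, the construct IDs and the `sns:Protocol` condition are illustrative assumptions.

```java
import java.util.List;
import java.util.Map;

import software.amazon.awscdk.App;
import software.amazon.awscdk.Stack;
import software.amazon.awscdk.services.iam.AccountPrincipal;
import software.amazon.awscdk.services.iam.Effect;
import software.amazon.awscdk.services.iam.PolicyStatement;
import software.amazon.awscdk.services.sns.Topic;
import software.constructs.Construct;

// Assumption: CDK v2 imports. On CDK v1, App/Stack/Construct come from
// software.amazon.awscdk.core instead.
public class CrossAccountTopicStack extends Stack {
    // The external account from the question's policy document.
    private static final String SUBSCRIBER_ACCOUNT = "111122223333";

    public CrossAccountTopicStack(final Construct scope, final String id) {
        super(scope, id);

        Topic myTopic = Topic.Builder.create(this, "MyTopic").build();

        myTopic.addToResourcePolicy(
            PolicyStatement.Builder.create()
                .effect(Effect.ALLOW)
                // Renders as the root ARN of account 111122223333, which IAM
                // treats the same as the bare account ID in "Principal".
                .principals(List.of(new AccountPrincipal(SUBSCRIBER_ACCOUNT)))
                .actions(List.of("sns:Subscribe"))
                // Use the topic's own ARN instead of a hardcoded string.
                .resources(List.of(myTopic.getTopicArn()))
                // Optional tightening (assumption, not in the question):
                // only allow SQS and Lambda subscriptions from that account.
                .conditions(Map.of("StringEquals",
                    Map.of("sns:Protocol", List.of("sqs", "lambda"))))
                .build());
    }

    public static void main(final String[] args) {
        App app = new App();
        new CrossAccountTopicStack(app, "CrossAccountTopicStack");
        app.synth();
    }
}
```

An account principal delegates the permission to the whole account, so which identities in 111122223333 can actually subscribe is decided by that account's own IAM policies.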

huangapple
  • Posted on April 11, 2020 00:16:02
  • When reposting, please keep the link to this article: https://go.coder-hub.com/61144285.html
