尝试部署此部分时收到错误消息:
OutBucketPolicyCredentials:
Type: AWS::S3::BucketPolicy
Properties:
Bucket:
Ref: "SnowflakeStagingBucket2"
PolicyDocument:
Statement:
-
Action:
- "s3:GetObject"
Effect: "Allow"
Resource:
Fn::Join:
- ""
-
- "arn:aws:s3:::"
-
Ref: "SnowflakeStagingBucket2"
- "/*"
Principal: "di-snowflake-shipper-ShipperRole-1AVH7OJ0CDNSY"
为什么语法错误?
答案 0 :(得分:2)
该评论删除了格式,因此我只在此处重新发布。我假设di-snowflake-shipper-ShipperRole-1AVH7OJ0CDNSY是IAM角色,请尝试以下片段。
Principal:
AWS:
- "arn:aws:iam::${AWS::AccountId}:role/di-snowflake-shipper-ShipperRole-1AVH7OJ0CDNSY"