AWS SNS编辑主题政策-C#

时间:2018-12-27 13:21:16

标签: amazon-web-services amazon-sns

我有一个SNS服务,我正在寻找使用C#sdk创建此部分策略的方法:

{
  "Sid": "__console_sub_0",
  "Effect": "Allow",
  "Principal": {
    "AWS": "*"
  },
  "Action": [
    "SNS:Subscribe",
    "SNS:Receive"
  ],
  "Resource": "arn:aws:sns:MYARN"
}

这是我在浏览器控制台中将其设置为“允许这些用户向该主题发布消息”和“允许这些用户订阅该主题”时看到的内容,现在应该向所有人开放。 / p>

我为此所做的尝试:

1)

Policy snsPolicy = new Policy().WithStatements(
            new Amazon.Auth.AccessControlPolicy.Statement(Amazon.Auth.AccessControlPolicy.Statement.StatementEffect.Allow)
            .WithPrincipals(Principal.AllUsers)
            .WithResources(new Resource("arn:aws:sns:MYARN"))
            );
        SetTopicAttributesRequest setTopicAttributesRequest = new SetTopicAttributesRequest();
        setTopicAttributesRequest.TopicArn = "arn:aws:sns:MYARN";
        setTopicAttributesRequest.AttributeName = "Policy";
        setTopicAttributesRequest.AttributeValue = "test val";

结果:

Invalid parameter: Policy Error: null

2)

  AmazonSimpleNotificationServiceClient snsClient = new AmazonSimpleNotificationServiceClient(bucketRegion);
        snsClient.AuthorizeS3ToPublish("arn:aws:sns:MYARN", "MYBUCKET");

            List<string> tl = new List<string>();
        tl.Add("*");
        List<string> tl2 = new List<string>();
        tl2.Add("SNS:Subscribe"); 
        tl2.Add("SNS:Receive");
        Amazon.SimpleNotificationService.Model.AddPermissionResponse permissionResponse = snsClient.AddPermission("arn:aws:sns:MYARN", "SubscribePolicy", tl, tl2);

结果:

Invalid parameter: Policy statement action out of service scope!

在两种情况下,我都不确定这些命令是否正确。谁能让我走上正确的道路?

谢谢

编辑

我已经创建了一条陈述并将其添加到建议的策略中,并用于SetTopicAttributesRequest:

             AmazonSimpleNotificationServiceClient snsClient = new AmazonSimpleNotificationServiceClient(bucketRegion);            
        Policy snsPolicy = new Policy();
        snsPolicy.Id = "test_id";
        snsPolicy.Statements.Add(statment);
        SetTopicAttributesRequest setTopicAttributesRequest = new SetTopicAttributesRequest();
        setTopicAttributesRequest.TopicArn = "arn:aws:sns:MYARN";
        setTopicAttributesRequest.AttributeName = "Policy";
        setTopicAttributesRequest.AttributeValue = snsPolicy.ToJson();
        snsClient.SetTopicAttributes(setTopicAttributesRequest);

但是错误“无效参数:策略错误:空”是相同的。

1 个答案:

答案 0 :(得分:1)

根据AWS文档,您应该使用NavLink

中的import { NavLink } from 'react-router-dom'对象
  

以下代码创建策略对象。对于这种情况,您只需要一个语句。它具有存储区+用户名以及GET和PUT操作的资源。作为一项附加的安全措施,让我们添加一个条件,将GET和PUT请求锁定到桌面客户端的IP地址。

Policy

选中此link,以获取更多信息。

相关问题
最新问题