【发布时间】:2021-10-12 09:11:04
【问题描述】:
我现在非常困惑,难以与 AWS 合作。我创建了一个副驾驶应用程序,创建了服务,后来想删除它。我似乎手动删除了一些东西,现在我留下了一个无法操作的堆栈集,我无法删除它。由于堆栈必须为空,但堆栈实例无法操作,所以我无法对其执行任何操作
我有两个角色,执行和管理员,这是执行角色
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"cloudformation:*",
"s3:*",
"sns:*"
],
"Resource": "*",
"Effect": "Allow",
"Sid": "StackSetRequiredPermissions"
},
{
"Action": [
"kms:*"
],
"Resource": "*",
"Effect": "Allow",
"Sid": "ManageKMSKeys"
},
{
"Action": [
"ecr:DescribeImageScanFindings",
"ecr:GetLifecyclePolicyPreview",
"ecr:CreateRepository",
"ecr:GetDownloadUrlForLayer",
"ecr:GetAuthorizationToken",
"ecr:ListTagsForResource",
"ecr:ListImages",
"ecr:DeleteLifecyclePolicy",
"ecr:DeleteRepository",
"ecr:SetRepositoryPolicy",
"ecr:BatchGetImage",
"ecr:DescribeImages",
"ecr:DescribeRepositories",
"ecr:BatchCheckLayerAvailability",
"ecr:GetRepositoryPolicy",
"ecr:GetLifecyclePolicy",
"ecr:TagResource"
],
"Resource": "*",
"Effect": "Allow",
"Sid": "ManageECRRepos"
}
]
}
这是管理员
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"cloudformation:*",
"s3:*",
"sns:*"
],
"Resource": "*",
"Effect": "Allow",
"Sid": "StackSetRequiredPermissions"
},
{
"Action": [
"kms:*"
],
"Resource": "*",
"Effect": "Allow",
"Sid": "ManageKMSKeys"
},
{
"Action": [
"ecr:DescribeImageScanFindings",
"ecr:GetLifecyclePolicyPreview",
"ecr:CreateRepository",
"ecr:GetDownloadUrlForLayer",
"ecr:GetAuthorizationToken",
"ecr:ListTagsForResource",
"ecr:ListImages",
"ecr:DeleteLifecyclePolicy",
"ecr:DeleteRepository",
"ecr:SetRepositoryPolicy",
"ecr:BatchGetImage",
"ecr:DescribeImages",
"ecr:DescribeRepositories",
"ecr:BatchCheckLayerAvailability",
"ecr:GetRepositoryPolicy",
"ecr:GetLifecyclePolicy",
"ecr:TagResource"
],
"Resource": "*",
"Effect": "Allow",
"Sid": "ManageECRRepos"
}
]
}
他们看起来不太对劲,因为我为了让它工作而搞砸了他们,但没有运气。
【问题讨论】:
标签: amazon-web-services amazon-cloudformation amazon-iam