I am trying to generate a policy and attach it to my certificate. I use the following code:
String topicName = String.format("certificates/%s", certificateId);
String policyName = String.format("Policy_%s", certificateId);
String target = String.format("arn:aws:iot:%s:123456789012:cert/%s", region, certificateId);
String policy = String.format(POLICY, certificateId, topicName, topicName);
awsIotClient.createPolicy(new CreatePolicyRequest().withPolicyDocument(policy).withPolicyName(policyName));
awsIotClient.attachPolicy(new AttachPolicyRequest().withTarget(target).withPolicyName(policyName));
I receive an error when trying to execute awsIotClient.attachPolicy(...):
Exception in thread "main" com.amazonaws.services.iot.model.AWSIotException: Cross account not allowed. (Service: AWSIot; Status Code: 403; Error Code: AccessDeniedException; Request ID: b943-.....
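My user account has administrator access. Why am I getting this error and how can I fix it? Thanks in advance.
Best answer
I found the mistake. It is the accountId in arn:aws:iot:%s:123456789012:cert/%s. My AWS user has a different accountId, and I was trying to attach the policy to a different account_ID, hence the Cross account not allowed error.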
Regarding java - AWSIotException : Cross account not allowed when trying to attach policy, we found a similar question on Stack Overflow: https://stackoverflow.com/questions/58500661/
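An added example, not part of the original question or answer: one way to avoid a hard-coded account ID in the attach target is to let AWS IoT return the certificate ARN, and to compare the account field of any ARN taken from configuration against the account the credentials belong to before calling attachPolicy. It assumes the AWS SDK for Java v1 (IoT and STS modules) and default credentials and region; the class and helper names are hypothetical.

```java
import com.amazonaws.services.iot.AWSIot;
import com.amazonaws.services.iot.AWSIotClientBuilder;
import com.amazonaws.services.iot.model.AttachPolicyRequest;
import com.amazonaws.services.iot.model.DescribeCertificateRequest;
import com.amazonaws.services.securitytoken.AWSSecurityTokenService;
import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClientBuilder;
import com.amazonaws.services.securitytoken.model.GetCallerIdentityRequest;

// Hypothetical class name; usage: AttachPolicySameAccount <certificateId|certificateArn> <policyName>
public class AttachPolicySameAccount {

    // ARN layout is arn:partition:service:region:account-id:resource, so the account is field 4.
    static String accountOf(String arn) {
        String[] parts = arn.split(":", 6);
        if (parts.length != 6 || !"arn".equals(parts[0])) {
            throw new IllegalArgumentException("Not an ARN: " + arn);
        }
        return parts[4];
    }

    // Ask the service for the certificate ARN instead of formatting one by hand.
    static String resolveTarget(AWSIot iot, String certificateId) {
        return iot.describeCertificate(
                new DescribeCertificateRequest().withCertificateId(certificateId))
                .getCertificateDescription().getCertificateArn();
    }

    // For ARNs that come from configuration: fail before the call with a message that names both accounts.
    static void requireSameAccount(AWSSecurityTokenService sts, String arn) {
        String caller = sts.getCallerIdentity(new GetCallerIdentityRequest()).getAccount();
        if (!caller.equals(accountOf(arn))) {
            throw new IllegalStateException("Target ARN is in account " + accountOf(arn)
                    + " but the credentials belong to account " + caller);
        }
    }

    public static void main(String[] args) {
        AWSIot iot = AWSIotClientBuilder.defaultClient();
        AWSSecurityTokenService sts = AWSSecurityTokenServiceClientBuilder.defaultClient();
        // args[0] is either a certificate ID or a full certificate ARN; args[1] is the policy name.
        String target = args[0].startsWith("arn:") ? args[0] : resolveTarget(iot, args[0]);
        requireSameAccount(sts, target);
        iot.attachPolicy(new AttachPolicyRequest().withTarget(target).withPolicyName(args[1]));
    }
}
```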