AWS CloudFront permissions


I'm trying to allow a group I defined to have invalidation privileges.

I defined a policy on the group that looks like this:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "Stmt1511787279000",
            "Effect": "Allow",
            "Action": [
                "cloudfront:CreateInvalidation",
                "cloudfront:ListInvalidations"
            ],
            "Resource": [
                "*"
            ]
        }
    ]
}

Ultimately I'd like to lock the resource down to specific CloudFront ARNs, but even at this point it doesn't work. When I use the AWS CLI tool I get:

An error occurred (AccessDenied) when calling the CreateInvalidation operation: User: arn:aws:iam::5555555555:user/username is not authorized to perform: cloudfront:CreateInvalidation

What am I doing wrong?

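For the stated goal of locking the resource down to specific CloudFront ARNs, the following is an added example, not part of the original post: it rewrites the question's policy to name individual distributions and checks the result with a simplified policy evaluator. It assumes the distribution ARN form `arn:aws:cloudfront::<account-id>:distribution/<distribution-id>`; the account ID, distribution IDs and function names are constructed placeholders.

```python
import copy
import fnmatch

# The policy from the question, unchanged.
PAGE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "Stmt1511787279000",
        "Effect": "Allow",
        "Action": ["cloudfront:CreateInvalidation", "cloudfront:ListInvalidations"],
        "Resource": ["*"],
    }],
}

def distribution_arn(account_id, distribution_id):
    # CloudFront is a global service, so the region field of the ARN is empty.
    return f"arn:aws:cloudfront::{account_id}:distribution/{distribution_id}"

def scope_policy(policy, account_id, distribution_ids):
    """Return a copy whose Allow statements name only the given distributions."""
    scoped = copy.deepcopy(policy)
    for stmt in scoped["Statement"]:
        if stmt["Effect"] == "Allow":
            stmt["Resource"] = [distribution_arn(account_id, d) for d in distribution_ids]
    return scoped

def _as_list(value):
    return value if isinstance(value, list) else [value]

def is_allowed(policy, action, resource):
    """Simplified identity-policy check: explicit Deny wins, then Allow, else implicit deny.
    Ignores Condition, NotAction, NotResource, permissions boundaries and SCPs."""
    allowed = False
    for stmt in policy["Statement"]:
        # IAM action names match case-insensitively; resource ARNs are case-sensitive.
        act = any(fnmatch.fnmatchcase(action.lower(), a.lower()) for a in _as_list(stmt["Action"]))
        res = any(fnmatch.fnmatchcase(resource, r) for r in _as_list(stmt["Resource"]))
        if act and res:
            if stmt["Effect"] == "Deny":
                return False
            allowed = True
    return allowed

# Constructed placeholder values, not taken from the question.
ACCOUNT = "111122223333"
SCOPED_POLICY = scope_policy(PAGE_POLICY, ACCOUNT, ["EXAMPLEDIST1"])
```

The evaluator only models a single identity policy, so a real denial can still come from parts of IAM evaluation it ignores.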