我成立CodeCommit SSH访问和测试连接:IAM阻止访问AWS CodeCommit回购
You have successfully authenticated over SSH. You can use Git to interact with AWS CodeCommit. Interactive shells are not supported.Connection to git-codecommit.us-east-1.amazonaws.com closed by remote host.
当我尝试克隆或推,我看到这个错误:
Access denied: User: arn:aws:iam::##########:user/[email protected] is not authorized to perform: codecommit:GitPull on resource: arn:aws:codecommit:us-east-1:##########:my-repo
即使在向我的用户添加策略以访问此回购库上的所有操作后,我无法克隆或推送。
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"codecommit:*"
],
"Resource": [
"arn:aws:codecommit:us-east-1:##########:my-repo"
]
}
]
}
什么给?其他人有没有这个问题?
您是否还添加了IAMUserSSHKeys和IAMReadOnlyAccess的策略?请参阅http://docs.aws.amazon.com/codecommit/latest/userguide/how-to-share-repository.html#how-to-share-repository-IAMgroup。 PS您应该为IAM组执行此操作,然后将用户添加到该组,而不是将单个策略添加到IAM用户。 – jarmod
是的,建立一个包含这些策略的组和我描述的策略。 –