Open aldy120 opened 1 year ago
When you specify an assumed-role session in a Principal element, you cannot use a wildcard "*" to mean all sessions. Principals must always name a specific session. https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html
經測試之後,跨帳戶的 access 需要執行端的 IAM user/role 有相關權限,並且 bucket policy 有給權限即可。
Bucket 可以用 Principal 給權限。