java AWSIotException: Cross account not allowed when trying to attach a policy

I am trying to generate a policy and attach it to a certificate. I use the following code:

String topicName = String.format("certificates/%s", certificateId);
String policyName = String.format("Policy_%s", certificateId);
String target = String.format("arn:aws:iot:%s:123456789012:cert/%s", region, certificateId);
String policy = String.format(POLICY, certificateId, topicName, topicName);
awsIotClient.createPolicy(new CreatePolicyRequest().withPolicyDocument(policy).withPolicyName(policyName));
awsIotClient.attachPolicy(new AttachPolicyRequest().withTarget(target).withPolicyName(policyName));

An error occurs when trying to execute awsIotClient.attachPolicy(...):

Exception in thread "main" com.amazonaws.services.iot.model.AWSIotException: Cross account not allowed. (Service: AWSIot; Status Code: 403; Error Code: AccessDeniedException; Request ID: b943-.....

My user account has administrator access. Why am I getting this error and how do I fix it? Thanks in advance


1 answer in total

  1. # Answer 1

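    I found the mistake. It was the accountId in arn:aws:iot:%s:123456789012:cert/%s. My AWS user has a different accountId, and I was trying to attach the policy to a different account_ID, so I got the Cross account not allowed error.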
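
An added example, not part of the question or the answer above: one way to keep a hard-coded account ID out of the target ARN with the AWS SDK for Java v1, by reading the certificate ARN from DescribeCertificate and comparing its account field with the account that STS GetCallerIdentity reports for the current credentials before calling attachPolicy. The class name and the accountOf and attach helpers are hypothetical, and the aws-java-sdk-iot and aws-java-sdk-sts modules are assumed to be on the classpath.

```java
import com.amazonaws.services.iot.AWSIot;
import com.amazonaws.services.iot.AWSIotClientBuilder;
import com.amazonaws.services.iot.model.AttachPolicyRequest;
import com.amazonaws.services.iot.model.DescribeCertificateRequest;
import com.amazonaws.services.securitytoken.AWSSecurityTokenService;
import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClientBuilder;
import com.amazonaws.services.securitytoken.model.GetCallerIdentityRequest;

// Hypothetical class for illustration; not code from the original post.
public class AttachPolicyToCertificate {

    /** Returns the account-id field of an ARN (arn:partition:service:region:account-id:resource). */
    static String accountOf(String arn) {
        String[] parts = arn.split(":", 6);
        if (parts.length < 6 || !"arn".equals(parts[0])) {
            throw new IllegalArgumentException("Not an ARN: " + arn);
        }
        return parts[4];
    }

    /** Attaches policyName to the certificate, refusing a target outside the caller's account. */
    static void attach(AWSIot iot, AWSSecurityTokenService sts, String certificateId, String policyName) {
        // Account that the current credentials actually belong to.
        String callerAccount = sts.getCallerIdentity(new GetCallerIdentityRequest()).getAccount();

        // Let the service return the certificate ARN instead of formatting one by hand.
        String target = iot.describeCertificate(
                new DescribeCertificateRequest().withCertificateId(certificateId))
                .getCertificateDescription().getCertificateArn();

        // Fail early with a readable message instead of a 403 from attachPolicy.
        if (!callerAccount.equals(accountOf(target))) {
            throw new IllegalStateException(String.format(
                    "Target %s belongs to account %s, but the credentials are for account %s",
                    target, accountOf(target), callerAccount));
        }
        iot.attachPolicy(new AttachPolicyRequest().withTarget(target).withPolicyName(policyName));
    }

    public static void main(String[] args) {
        // args[0]: certificate id, args[1]: name of an existing policy (both supplied by the caller).
        attach(AWSIotClientBuilder.defaultClient(),
               AWSSecurityTokenServiceClientBuilder.defaultClient(), args[0], args[1]);
    }
}
```

Because the ARN comes from the service, the partition and region fields also match the client's configuration without any string formatting.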