Sample Resource Names for Groups
Some common resource name examples for ChaosSearch objects when specified in RBAC groups
Within the RBAC policy definitions, the primary user can define resources as buckets, object groups, indexes, views, and Search Analytics saved objects. When you create a group for RBAC management, you specify the resources to which you are applying the permissions.
You can specify resources in two console locations:
- The Resources field of the group Wizard
- The Add condition Key/Value fields
The format for the resources varies slightly for each location.
The following table offers some examples for the common resource types and how to specify them in either of these Resource or Add condition Key/Value locations. Note that in the examples below, you could use a prefix name string for all matching objects of that type, or a specific name. Some objects are supported only in the condition fields.
| Object Type | Sample Resource Definition | Sample Condition Definition |
|---|---|---|
| Bucket | arn:aws:s3:::your-bucket-name | Key: s3:bucket/attributes.name Value: your-bucket-name |
| Object Group | crn:objectgroup:::_prefixname-* | Key: chaos:object_group/attributes.name Value: prefixname-* |
| View | crn:view:::prefixname-* | Key: chaos:view/attributes.name Value: prefixname-* |
| Index | Key: chaos:index/attributes.name Value: _prefixname-* | |
| Monitor | Key: crn:monitor::: Value: prefixname-* | |
| Alert | Key: crn:alert::: Value: prefixname-* | |
| Destination | Key: crn:destination::: Value: prefixname-* | |
| Search Analytics Saved Object | Key: chaos:document/attributes.title Value: prefixname-* |
Updated about 1 year ago