设置时间范围

DateLessThan

DateLessThan compares a datetime in a request to a datetime in your policy. Datetime comparisons compare down to the second; so any value one second before the date in your policy will match the DateLessThan condition.

To match a request, the context key must exist in the request and must match the datetime in your policy.

You can NOT use policy variables in the value of this operator.

DateLessThan in an Allow Statement

Policy Condition

Request Context

Result

"DateLessThan": {
  "aws:CurrentTime": "2011-05-03T00:00:00Z"
}

aws:CurrentTime: null

Not AllowedStatement does not apply

"DateLessThan": {
  "aws:CurrentTime": "2011-05-03T00:00:00Z"
}

aws:CurrentTime: 2011-05-02T23:59:59Z

AllowedAssuming no explicit Deny elsewhere

"DateLessThan": {
  "aws:CurrentTime": "2011-05-03T00:00:00Z"
}

aws:CurrentTime: 2011-05-03T00:00:00Z

Not AllowedStatement does not apply

"DateLessThan": {
  "aws:CurrentTime": "2011-05-03T00:00:00Z"
}

aws:CurrentTime: 2011-05-03T00:00:01Z

Not AllowedStatement does not apply

上一页限制IP地址段下一页允许某个请求者操作 - ArnLike/ArnLikeIfExists

最后更新于3个月前