Sea*_*256 4 amazon-s3 amazon-web-services
我正在使用 CodeBuild
在我的构建规范中运行以下命令
aws s3 sync ./webroot s3://s3-us-west-2.amazonaws.com/some-amazing-s3-bucket/test
这是存储桶策略:
{
"Version": "2012-10-17",
"Id": "Policy1502332584348",
"Statement": [
{
"Sid": "Stmt1502332580996",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::123456789:role/service-role/code-buid-some-service-role"
},
"Action": "s3:*",
"Resource": [
"arn:aws:s3:::some-amazing-s3-bucket/*",
"arn:aws:s3:::some-amazing-s3-bucket"
]
}
]
}
代码构建失败,原因如下:
[Container] 2017/08/10 02:41:16 Running command aws s3 sync ./webroot s3://s3-us-west-2.amazonaws.com/some-amazing-s3-bucket/test
fatal error: An error occurred (AccessDenied) when calling the ListObjects operation: Access Denied
我缺少什么?我在测试时打开了存储桶策略,但它仍然失败。
小智 7
将以下内容添加到 CodeBuild 生成的角色对我有用:
{
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::mytestbucket",
"arn:aws:s3:::mytestbucket/*"
],
"Action": [
"s3:PutObject",
"s3:Get*",
"s3:List*"
]
}
| 归档时间: |
|
| 查看次数: |
8890 次 |
| 最近记录: |