Wes*_*ley 5 amazon-s3 amazon-web-services
我正在通过aws cli控制台进行分段上传,但是收到此错误;
A client error (AccessDenied) occurred when calling the CreateMultipartUpload operation: Access Denied
以下是我的政策,我在那里遗漏了什么?
谢谢.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:ListAllMyBuckets"
],
"Resource": "arn:aws:s3:::*"
},
{
"Effect": "Allow",
"Action": [
"s3:ListBucket",
"s3:GetBucketLocation"
],
"Resource": "arn:aws:s3:::mybucket"
},
{
"Effect": "Allow",
"Action": [
"s3:PutObject",
"s3:GetObject",
"s3:DeleteObject",
"s3:CreateMultipartUpload",
"s3:AbortMultipartUpload",
"s3:ListMultipartUploadParts",
"s3:ListBucketMultipartUploads"
],
"Resource": "arn:aws:s3:::mybucket/*"
}
]
}
“s3:PutObject”处理 CreateMultipartUpload 操作,所以我猜没有像“s3:CreateMultipartUpload”这样的东西。
您必须在 s3 存储桶 ARN 中更改的内容就像添加 "Resource": "arn:aws:s3::::mybucket"
最终政策:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:ListAllMyBuckets"
],
"Resource": "arn:aws:s3:::*"
},
{
"Effect": "Allow",
"Action": [
"s3:ListBucket",
"s3:GetBucketLocation"
],
"Resource": "arn:aws:s3:::mybucket"
},
{
"Effect": "Allow",
"Action": [
"s3:PutObject",
"s3:GetObject",
"s3:DeleteObject",
"s3:AbortMultipartUpload",
"s3:ListMultipartUploadParts",
"s3:ListBucketMultipartUploads"
],
"Resource": [
"arn:aws:s3:::mybucket",
"arn:aws:s3:::mybucket/*"
]
}
]
}
| 归档时间: |
|
| 查看次数: |
6273 次 |
| 最近记录: |