Che*_*enL 11 amazon-s3 amazon-sns
我正在尝试在S3存储桶上创建一个事件,以便每次创建新对象时,都会向SNS发送一条消息.
我做了一些研究,并添加"ArnLike":{ "AWS:SourceArn": "阿尔恩:AWS:S3: ::testBucket"}为目标的主题的政策.testBucket是存储桶的名称
但是当我尝试创建事件时,它仍然显示"目标主题上的权限不允许S3从此存储桶发布通知"
有任何想法吗?非常感激
Che*_*enL 25
解决问题,在添加条件行之前
"ArnLike": {
"aws:SourceArn": "arn:aws:s3:*:*:testBucket"
}
在默认语句中.结果我必须在其中创建一个包含发布操作的新语句.
{
"Sid": "publish-from-s3",
"Effect": "Allow",
"Principal": {
"Service": "s3.amazonaws.com"
},
"Action": "SNS:Publish",
"Resource": "arn:aws:sns:ap-southeast-2:XXXXXXXXXXXXXX:testTopicforS3",
"Condition": {
"ArnLike": {
"aws:SourceArn": "arn:aws:s3:*:*:testBucket"
}
}
}
Wal*_*tes 12
是的,创建SNS后,修改添加一条语句(在默认后面):
{
"Statement": [
{
"Sid": "__default_statement_ID",
"Effect": "Allow",
"Principal": {
"AWS": "*"
},
"Action": [
"SNS:Publish",
"SNS:RemovePermission",
"SNS:SetTopicAttributes",
"SNS:DeleteTopic",
"SNS:ListSubscriptionsByTopic",
"SNS:GetTopicAttributes",
"SNS:Receive",
"SNS:AddPermission",
"SNS:Subscribe"
],
"Resource": "your sns arn"
},
{
"Sid": "s3",
"Effect": "Allow",
"Principal": {
"Service": "s3.amazonaws.com"
},
"Action": "SNS:Publish",
"Resource": "your sns arn"
}
]
}
| 归档时间: |
|
| 查看次数: |
6860 次 |
| 最近记录: |