Lui*_*uis 7 amazon-s3 amazon-web-services
您好,我按照此回答的说明进行操作,并得到了相同的错误。
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmt1614469992506",
"Principal": "*",
"Action": [
"s3:DeleteObject",
"s3:GetObject",
"s3:ListBucket",
"s3:PutObject"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::<S3_Name>/*"
}
]
}
我收到错误:
操作不适用于语句中的任何资源
我检查了文档,但找不到任何解决方案。
Bal*_*ala 10
ListBucket 应位于存储桶资源本身上,而其他对象操作应位于存储桶内的对象上。所以,我们需要/*桶中的所有对象。
IAM 政策:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:PutObject",
"s3:GetObject",
"s3:DeleteObject"
],
"Resource": "arn:aws:s3:::<S3_Name>/*"
},
{
"Effect": "Allow",
"Action": "s3:ListBucket",
"Resource": "arn:aws:s3:::<S3_Name>"
}
]
}
存储桶政策:
与 IAM 策略相同,但它附加了委托人。
"Principal":"*"或"Principal":{"AWS":"*"}将给予公众访问权
"Principal":{"AWS":"arn:aws:iam::AccountNumber-WithoutHyphens:root"}将授予对整个 Aws 账户的访问权限。一些细节在这里和这里
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::111122223333:root"
},
"Action": [
"s3:PutObject",
"s3:GetObject",
"s3:DeleteObject"
],
"Resource": "arn:aws:s3:::<S3_Name>/*"
},
{
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::111122223333:root"
},
"Action": "s3:ListBucket",
"Resource": "arn:aws:s3:::<S3_Name>"
}
]
}
| 归档时间: |
|
| 查看次数: |
4146 次 |
| 最近记录: |