Did*_*idi 15 amazon-s3 amazon-web-services lakefs
{
"Id": "Policy1590051531320",
"Version": "2012-10-17",
"Statement": [
{ "Sid": "Stmt1590051522178",
"Action": [ "s3:GetObject",
"s3:GetObjectVersion",
"s3:PutObject",
"s3:AbortMultipartUpload",
"s3:ListMultipartUploadParts",
"s3:GetBucketVersioning",
"s3:ListBucket",
"s3:GetBucketLocation",
"s3:ListBucketMultipartUploads",
"s3:ListBucketVersions" ],
"Effect": "Allow",
"Resource": ["arn:aws:s3:::lakefs", "arn:aws:s3:::lakefs/backend.txt/*"],
"Principal": {"AWS": ["arn:aws:iam::REDACTED:user/uing"]
}
}
]
}
这是我的 s3 存储桶策略,但它返回“策略必须是有效的 JSON,并且第一个字节必须是“{”。我的资源字段中有正确的存储桶名称以及带有路径前缀的存储桶名称。知道为什么我会收到此错误吗?
Mar*_*cin 26
{一开始就不能有这些空格。它应该是:
{
"Id": "Policy1590051531320",
"Version": "2012-10-17",
"Statement": [
{ "Sid": "Stmt1590051522178",
"Action": [ "s3:GetObject",
"s3:GetObjectVersion",
"s3:PutObject",
"s3:AbortMultipartUpload",
"s3:ListMultipartUploadParts",
"s3:GetBucketVersioning",
"s3:ListBucket",
"s3:GetBucketLocation",
"s3:ListBucketMultipartUploads",
"s3:ListBucketVersions" ],
"Effect": "Allow",
"Resource": ["arn:aws:s3:::lakefs", "arn:aws:s3:::lakefs/backend.txt/*"],
"Principal": {"AWS": ["arn:aws:iam::172787983831:user/uing"]
}
}
]
}
[lakeFS 开发人员在这里,但这是一个 AWS 问题]
正如错误消息所示,它希望您以{(并且前面没有空格) 开始您的策略。
请注意,S3 将基于资源的策略(如本例)与基于身份的策略分开,后者是您在 IAM 服务上设置的。存在重要差异。通常,基于身份的策略比基于资源的策略更容易设置:错误消息更容易阅读,基于 Web 的 UI 更友好(并提供 JSON 策略的在线错误报告,或相当不错的可视化策略编辑器) , ETC。
| 归档时间: |
|
| 查看次数: |
16274 次 |
| 最近记录: |