s3策略具有无效操作 - s3:ListAllMyBuckets

Question

s3策略具有无效操作 - s3:ListAllMyBuckets

我在我的桶上通过console.aws.amazon.com尝试这些策略:


    {
      "Statement": [
        {
          "Effect": "Allow",
          "Action": [
            "s3:ListBucket",
            "s3:GetBucketLocation",
            "s3:ListBucketMultipartUploads"
          ],
          "Resource": "arn:aws:s3:::itnighq",
          "Condition": {}
        },
        {
          "Effect": "Allow",
          "Action": [
            "s3:AbortMultipartUpload",
            "s3:DeleteObject",
            "s3:DeleteObjectVersion",
            "s3:GetObject",
            "s3:GetObjectAcl",
            "s3:GetObjectVersion",
            "s3:GetObjectVersionAcl",
            "s3:PutObject",
            "s3:PutObjectAcl",
            "s3:PutObjectAclVersion"
          ],
          "Resource": "arn:aws:s3:::itnighq/*",
          "Condition": {}
        },
        {
          "Effect": "Allow",
          "Action": "s3:ListAllMyBuckets",
          "Resource": "*",
          "Condition": {}
        }
      ]
    }

但我收到此错误消息: 策略有无效操作 - s3:ListAllMyBuckets 它似乎不喜欢"资源":"*",我也尝试使用**arn:aws:s3 :::****,但它也不起作用.

有人有任何线索吗？

Answer 1

z0r*_*z0r 14

正如zdev所提到的,你需要为IAM做这件事.转到IAM控制台并导航到用户>权限>内联策略>创建>自定义,然后输入:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:ListAllMyBuckets"
            ],
            "Resource": [
                "arn:aws:s3:::*"
            ]
        }
    ]
}

Run Code Online (Sandbox Code Playgroud)

Answer 2

zde*_*dev 10

我想通了自己.它需要在IAM中完成,而不是在S3本身......

您能否描述一下如何在IAM中应用此策略？ (13认同)

归档时间：	13 年前
查看次数：	17315 次
最近记录：	8 年前