Amazon s3 骆驼S3组件上deleteAfterRead所需的权限
我使用camels3组件读取上传到特定S3存储桶的对象。对象已成功读取 但是,使用“deleteAfterRead=true”失败,错误为403(无权限) 我已经在bucket上授予了“write”类别中的所有权限,但仍然得到了错误 现在这些是权限。知道我做错了什么吗Amazon s3 骆驼S3组件上deleteAfterRead所需的权限,amazon-s3,apache-camel,Amazon S3,Apache Camel,我使用camels3组件读取上传到特定S3存储桶的对象。对象已成功读取 但是,使用“deleteAfterRead=true”失败,错误为403(无权限) 我已经在bucket上授予了“write”类别中的所有权限,但仍然得到了错误 现在这些是权限。知道我做错了什么吗 { "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"s3:ListBucket",
"s3:DeleteObject",
"s3:ListBucketMultipartUploads",
"s3:GetObject"
],
"Resource": "arn:aws:s3:::my-camel-bucket"
},
{
"Sid": "VisualEditor2",
"Effect": "Allow",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::*/*"
}
]
}
我找到了答案:对于
s3:DeleteObject
操作,我需要用*
结尾指定资源。因此,arn:aws:s3:::我的骆驼桶/*
而不是简单的arn:aws:s3:::我的骆驼桶
然而,对于ListBucket,我只需要bucket名称。所以,我现在的工作是:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"s3:GetObject",
"s3:ListBucketMultipartUploads",
"s3:ListBucket"
],
"Resource": "arn:aws:s3:::my-camel-bucket"
},
{
"Sid": "VisualEditor1",
"Effect": "Allow",
"Action": "s3:DeleteObject",
"Resource": "arn:aws:s3:::my-camel-bucket/*"
},
{
"Sid": "VisualEditor2",
"Effect": "Allow",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::*/*"
}
]
}
提及您正在使用的2.x或3.x版本可能会有所帮助,最好是堆栈跟踪。