Warning: file_get_contents(/data/phpspider/zhask/data//catemap/0/amazon-s3/2.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Amazon s3 Amazon红移:访问被拒绝RestoreClusterSnapshotRequest_Amazon S3_Amazon Redshift_Aws Sdk - Fatal编程技术网
Fatal编程技术网
  • amazon-s3/
  • Amazon s3 Amazon红移:访问被拒绝RestoreClusterSnapshotRequest

Amazon s3 Amazon红移:访问被拒绝RestoreClusterSnapshotRequest

amazon-s3 amazon-redshift

Amazon s3 Amazon红移:访问被拒绝RestoreClusterSnapshotRequest,amazon-s3,amazon-redshift,aws-sdk,Amazon S3,Amazon Redshift,Aws Sdk,尝试使用快照恢复群集时遇到问题。如果有人给我指点,我将不胜感激 使用的代码是: var con = new AmazonRedshiftClient(acess_key_id, secret_acess_key, Amazon.RegionEndpoint.USWest2); var restore = new Amazon.Redshift.Model.RestoreFromClusterSnapshotRequest() { Clus

尝试使用快照恢复群集时遇到问题。如果有人给我指点,我将不胜感激

使用的代码是:

var con = new AmazonRedshiftClient(acess_key_id, secret_acess_key, Amazon.RegionEndpoint.USWest2);

        var restore = new Amazon.Redshift.Model.RestoreFromClusterSnapshotRequest()
        {
            ClusterIdentifier = clusterIdentifier,
            SnapshotIdentifier = snapshotIdentifier,
            AvailabilityZone = "us-west-2a",
        };

        var response = con.RestoreFromClusterSnapshot(restore);

        Console.WriteLine("Cluster Status : {0}", response.Cluster.ClusterStatus);
当它调用RestoreClusterSnapshotRequest操作时,我有一个异常: “访问被拒绝。请确保您的IAM权限允许此操作。”

对Amazon Redshift使用基于身份的策略(IAM策略),如下所示 政策:

{
"Version": "2012-10-17",
"Statement": [
    {
        "Effect": "Allow",
        "Action": [
            "redshift:CopyClusterSnapshot",
            "redshift:RestoreFromClusterSnapshot",
            "redshift:AuthorizeSnapshotAccess",
            "redshift:RevokeSnapshotAccess"
        ],
        "Resource": [
            "arn:aws:redshift:us-west-2:{AccoundId}:*/backup-20160208-dbrd",
            "arn:aws:redshift:us-west-2: {AccoundId}:cluster:*"
        ]
    },
    {
        "Effect": "Allow",
        "Action": [
            "redshift:DescribeClusterSnapshots"
        ],
        "Resource": [
            "*"
        ]
    }
]
}

谁能帮我解决这个问题。。如果我在使用过程中犯了任何错误,请纠正我

提前感谢

我想您错过了“资源”部分中的快照详细信息部分。 请参阅以下更新版本:

"Resource": [
            "arn:aws:redshift:us-west-2:{AccoundId}:*/backup-20160208-dbrd",
            "arn:aws:redshift:us-west-2: {AccoundId}:cluster:*",
            "arn:aws:redshift:us-west-2:{AccoundId}:snapshot:*"
        ]
希望这对您有所帮助。

如中所建议,您应该更改此行:

"arn:aws:redshift:us-west-2:{AccoundId}:*/backup-20160208-dbrd",

另外,我通过AWS支持部门的一系列尝试和错误以及帮助发现,您还需要几个
ec2
权限才能从快照恢复红移群集。目前的名单如下:

    {
        "Sid": "",
        "Effect": "Allow",
        "Action": [
            "ec2:DescribeAccountAttributes",
            "ec2:DescribeAddresses",
            "ec2:DescribeAvailabilityZones",
            "ec2:DescribeSecurityGroups",
            "ec2:DescribeSubnets",
            "ec2:DescribeVpcs",
            "ec2:DescribeInternetGateways"
        ],
        "Resource": "*"
    }
您可能只想执行
ec2:descripe*
,以方便和/或在将来权限的确切设置发生变化时防止这种中断

(搜索“RestoreFromClusterSnapshot”)应该很快更新此信息。

疯狂,但这是秘密

        "ec2:DescribeAccountAttributes",
        "ec2:DescribeAddresses",
        "ec2:DescribeAvailabilityZones",
        "ec2:DescribeSecurityGroups",
        "ec2:DescribeSubnets",
        "ec2:DescribeVpcs",
        "ec2:DescribeInternetGateways"

        "ec2:DescribeAccountAttributes",
        "ec2:DescribeAddresses",
        "ec2:DescribeAvailabilityZones",
        "ec2:DescribeSecurityGroups",
        "ec2:DescribeSubnets",
        "ec2:DescribeVpcs",
        "ec2:DescribeInternetGateways"