Amazon web services 访问公共存储桶
一群美国朋友正在map reduce中做一个项目,他们正在开发一个公共数据集。我的朋友使用他的AWS帐户将数据上传到s3 bucket上,并将s3 bucket策略设置为:Amazon web services 访问公共存储桶,amazon-web-services,amazon-s3,amazon,Amazon Web Services,Amazon S3,Amazon,一群美国朋友正在map reduce中做一个项目,他们正在开发一个公共数据集。我的朋友使用他的AWS帐户将数据上传到s3 bucket上,并将s3 bucket策略设置为: { "Version": "2008-10-17", "Id": "Policy1417380373111", "Statement": [ { "Sid": "Stmt1417380310953", "Effect": "Allow",
{
"Version": "2008-10-17",
"Id": "Policy1417380373111",
"Statement": [
{
"Sid": "Stmt1417380310953",
"Effect": "Allow",
"Principal": {
"AWS": "*"
},
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::<bucket-name>/*"
},
{
"Sid": "Stmt1417380367754",
"Effect": "Allow",
"Principal": {
"AWS": "*"
},
"Action": "s3:PutObject",
"Resource": "arn:aws:s3:::<bucket-name>/*"
}
]
}
{
“版本”:“2008-10-17”,
“Id”:“Policy1417380373111”,
“声明”:[
{
“Sid”:“STMT14173803010953”,
“效果”:“允许”,
“委托人”:{
“AWS”:“*”
},
“操作”:“s3:GetObject”,
“资源”:“arn:aws:s3::/*”
},
{
“Sid”:“Stmt1417380367754”,
“效果”:“允许”,
“委托人”:{
“AWS”:“*”
},
“操作”:“s3:PutObject”,
“资源”:“arn:aws:s3::/*”
}
]
}
注意:上述策略中的设置为bucket的名称
现在,我如何将此公共bucket作为我的aws帐户中的s3 bucket之一装载?显示的bucket策略将允许任何人从指定的Amazon s3 bucket上载(
PutObject
)和下载(GetObject
)
但是,它不允许列出bucket,这很可能是map reduce操作所必需的。因此,我还建议对bucket本身授予ListBucket
权限:
{
"Id": "SomeID",
"Statement": [
{
"Sid": "SomeID",
"Action": [
"s3:GetObject",
"s3:ListBucket",
"s3:PutObject"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::<bucket-name>",
"arn:aws:s3:::<bucket-name>/*"
],
"Principal": {
"AWS": [
"123456789012"
]
}
}
]
}
显示的bucket策略将允许任何人从指定的Amazon S3 bucket上载(
PutObject
)和下载(GetObject
)
但是,它不允许列出bucket,这很可能是map reduce操作所必需的。因此,我还建议对bucket本身授予ListBucket
权限:
{
"Id": "SomeID",
"Statement": [
{
"Sid": "SomeID",
"Action": [
"s3:GetObject",
"s3:ListBucket",
"s3:PutObject"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::<bucket-name>",
"arn:aws:s3:::<bucket-name>/*"
],
"Principal": {
"AWS": [
"123456789012"
]
}
}
]
}
显示的bucket策略将允许任何人从指定的Amazon S3 bucket上载(
PutObject
)和下载(GetObject
)
但是,它不允许列出bucket,这很可能是map reduce操作所必需的。因此,我还建议对bucket本身授予ListBucket
权限:
{
"Id": "SomeID",
"Statement": [
{
"Sid": "SomeID",
"Action": [
"s3:GetObject",
"s3:ListBucket",
"s3:PutObject"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::<bucket-name>",
"arn:aws:s3:::<bucket-name>/*"
],
"Principal": {
"AWS": [
"123456789012"
]
}
}
]
}
显示的bucket策略将允许任何人从指定的Amazon S3 bucket上载(
PutObject
)和下载(GetObject
)
但是,它不允许列出bucket,这很可能是map reduce操作所必需的。因此,我还建议对bucket本身授予ListBucket
权限:
{
"Id": "SomeID",
"Statement": [
{
"Sid": "SomeID",
"Action": [
"s3:GetObject",
"s3:ListBucket",
"s3:PutObject"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::<bucket-name>",
"arn:aws:s3:::<bucket-name>/*"
],
"Principal": {
"AWS": [
"123456789012"
]
}
}
]
}