Amazon web services 访问公共存储桶_Amazon Web Services_Amazon S3_Amazon

Amazon web services 访问公共存储桶

amazon-web-services amazon-s3

Amazon web services 访问公共存储桶,amazon-web-services,amazon-s3,amazon,Amazon Web Services,Amazon S3,Amazon,一群美国朋友正在map reduce中做一个项目，他们正在开发一个公共数据集。我的朋友使用他的AWS帐户将数据上传到s3 bucket上，并将s3 bucket策略设置为： { "Version": "2008-10-17", "Id": "Policy1417380373111", "Statement": [ { "Sid": "Stmt1417380310953", "Effect": "Allow",

一群美国朋友正在map reduce中做一个项目，他们正在开发一个公共数据集。我的朋友使用他的AWS帐户将数据上传到s3 bucket上，并将s3 bucket策略设置为：

{
    "Version": "2008-10-17",
    "Id": "Policy1417380373111",
    "Statement": [
        {
            "Sid": "Stmt1417380310953",
            "Effect": "Allow",
            "Principal": {
                "AWS": "*"
            },
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::<bucket-name>/*"
        },
        {
            "Sid": "Stmt1417380367754",
            "Effect": "Allow",
            "Principal": {
                "AWS": "*"
            },
            "Action": "s3:PutObject",
            "Resource": "arn:aws:s3:::<bucket-name>/*"
        }
    ]
}

{
“版本”：“2008-10-17”，
“Id”：“Policy1417380373111”，
“声明”：[
{
“Sid”：“STMT14173803010953”，
“效果”：“允许”，
“委托人”：{
“AWS”：“*”
},
“操作”：“s3:GetObject”，
“资源”：“arn:aws:s3:：/*”
},
{
“Sid”：“Stmt1417380367754”，
“效果”：“允许”，
“委托人”：{
“AWS”：“*”
},
“操作”：“s3:PutObject”，
“资源”：“arn:aws:s3:：/*”
}
]
}

注意：上述策略中的设置为bucket的名称

现在，我如何将此公共bucket作为我的aws帐户中的s3 bucket之一装载？

显示的bucket策略将允许任何人从指定的Amazon s3 bucket上载（

PutObject

）和下载（

GetObject

）

但是，它不允许列出bucket，这很可能是map reduce操作所必需的。因此，我还建议对bucket本身授予

ListBucket

权限：

{
  "Id": "SomeID",
  "Statement": [
    {
      "Sid": "SomeID",
      "Action": [
        "s3:GetObject",
        "s3:ListBucket",
        "s3:PutObject"
      ],
      "Effect": "Allow",
      "Resource": [
        "arn:aws:s3:::<bucket-name>",
        "arn:aws:s3:::<bucket-name>/*"
      ],
      "Principal": {
        "AWS": [
          "123456789012"
        ]
      }
    }
  ]
}

显示的bucket策略将允许任何人从指定的Amazon S3 bucket上载（

PutObject

）和下载（

GetObject

）

但是，它不允许列出bucket，这很可能是map reduce操作所必需的。因此，我还建议对bucket本身授予

ListBucket

权限：

{
  "Id": "SomeID",
  "Statement": [
    {
      "Sid": "SomeID",
      "Action": [
        "s3:GetObject",
        "s3:ListBucket",
        "s3:PutObject"
      ],
      "Effect": "Allow",
      "Resource": [
        "arn:aws:s3:::<bucket-name>",
        "arn:aws:s3:::<bucket-name>/*"
      ],
      "Principal": {
        "AWS": [
          "123456789012"
        ]
      }
    }
  ]
}

显示的bucket策略将允许任何人从指定的Amazon S3 bucket上载（

PutObject

）和下载（

GetObject

）

但是，它不允许列出bucket，这很可能是map reduce操作所必需的。因此，我还建议对bucket本身授予

ListBucket

权限：

{
  "Id": "SomeID",
  "Statement": [
    {
      "Sid": "SomeID",
      "Action": [
        "s3:GetObject",
        "s3:ListBucket",
        "s3:PutObject"
      ],
      "Effect": "Allow",
      "Resource": [
        "arn:aws:s3:::<bucket-name>",
        "arn:aws:s3:::<bucket-name>/*"
      ],
      "Principal": {
        "AWS": [
          "123456789012"
        ]
      }
    }
  ]
}

显示的bucket策略将允许任何人从指定的Amazon S3 bucket上载（

PutObject

）和下载（

GetObject

）

但是，它不允许列出bucket，这很可能是map reduce操作所必需的。因此，我还建议对bucket本身授予

ListBucket

权限：

{
  "Id": "SomeID",
  "Statement": [
    {
      "Sid": "SomeID",
      "Action": [
        "s3:GetObject",
        "s3:ListBucket",
        "s3:PutObject"
      ],
      "Effect": "Allow",
      "Resource": [
        "arn:aws:s3:::<bucket-name>",
        "arn:aws:s3:::<bucket-name>/*"
      ],
      "Principal": {
        "AWS": [
          "123456789012"
        ]
      }
    }
  ]
}