Amazon web services S3存储桶策略-拒绝存储桶删除返回“;无效的策略语法";
我试图防止意外删除我的S3存储桶。使用策略生成器,我提出了以下策略:Amazon web services S3存储桶策略-拒绝存储桶删除返回“;无效的策略语法";,amazon-web-services,amazon-s3,Amazon Web Services,Amazon S3,我试图防止意外删除我的S3存储桶。使用策略生成器,我提出了以下策略: { "Id": "Policy1611547079478", "Version": "2012-10-17", "Statement": [ { "Sid": "Stmt1611547073630", "Action": [
{
"Id": "Policy1611547079478",
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmt1611547073630",
"Action": [
"s3:DeleteBucket"
],
"Effect": "Deny",
"Resource": "arn:aws:s3:::my-bucket-name/*",
"Principal": "*",
}
]
}
但是,当我尝试保存策略时,会出现以下错误:
未知错误发生意外错误。API响应策略语法无效。
我已经有了一个bucket策略,可以公开存储图片的bucket。以下是完整的代码:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "PublicReadGetObject",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::my-bucket-name/*"
}
]
},
{
"Id": "Policy1611547079478",
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmt1611547073630",
"Action": [
"s3:DeleteBucket"
],
"Effect": "Deny",
"Resource": "arn:aws:s3:::my-bucket-name/*",
"Principal": "*",
}
]
}
公共存储桶策略有效,当我添加拒绝删除存储桶策略时,我得到错误。您问题中的存储桶策略的形式不正确。应该是:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "PublicReadGetObject",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::my-bucket-name/*"
},
{
"Sid": "Stmt1611547073630",
"Effect": "Deny",
"Principal": "*",
"Action": "s3:DeleteBucket",
"Resource": "arn:aws:s3:::my-bucket-name"
}
]
}
由于在第一条语句中您允许公共访问,因此您还必须禁用
阻止所有公共访问
删除bucket
用于arn:aws:s3:::我的bucket name
,而不是arn:aws:s3::我的bucket name/*
。但是你确定你要这么做吗?这将拒绝您删除此bucket。您显示的完整代码是实际的bucket策略,这只是格式化问题,所以?我尝试了,但仍然收到错误消息。我的想法是,如果我真的想删除bucket,我可以进入Permissions并删除“denydelete”策略。我真的只是想保护自己,以免有一天不小心点击了错误的按钮,或者更糟糕的是,我的4岁儿子的按钮在我的电脑上被捣乱。。。Lol删除包含对象的bucket不是那么容易的。首先,您必须先删除所有对象,然后才能删除bucket。该策略不会保护您删除对象。太好了,这就成功了。多谢各位@事实上没问题。很高兴它成功了:-)