Amazon web services s3最小上传桶策略授权
我试图让一个基本的上传桶工作,但我有困难,试图把我的头围绕桶政策需要 我目前有:Amazon web services s3最小上传桶策略授权,amazon-web-services,amazon-s3,Amazon Web Services,Amazon S3,我试图让一个基本的上传桶工作,但我有困难,试图把我的头围绕桶政策需要 我目前有: { "Version": "2012-10-17", "Statement": [ { "Sid": "AddPerm", "Effect": "Allow", "Principal": "*", "Action": "s3:*", "Resource": "arn
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AddPerm",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:*",
"Resource": "arn:aws:s3:::waydope-development/*",
"Condition": {
"StringEquals": {
"s3:x-amz-acl": "public-read"
}
}
}
]
}
COR被设置为允许所有。我只需提供一个密钥就可以上传到这个bucket,但是如果提供了授权、签名和策略,这个bucket会因为它是打开的而返回403吗?换句话说,我是否可以提供这些密钥,而不必将主要点指向用户?要了解bucket策略与签名的关系,这里有一个与此相关的问题: 这是最小存储桶策略,任何人都可以获取、发布、放置和删除存储桶中的项目。formdata中所需的全部内容是键,即文件路径 桶配置:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AddPerm",
"Effect": "Allow",
"Principal": "*"
"Action": "s3:*",
"Resource": "arn:aws:s3:::example-development/*"
}
]
}
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Allow Get",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::example-development/*"
},
{
"Sid": "AddPerm",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::123456789:user/example"
},
"Action": "s3:*",
"Resource": ["arn:aws:s3:::example-development/*","arn:aws:s3:::example-development"]
}
]
}
这是最小的bucket策略,在该策略中,除了get之外,还需要对bucket上传进行用户/组身份验证
桶配置:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AddPerm",
"Effect": "Allow",
"Principal": "*"
"Action": "s3:*",
"Resource": "arn:aws:s3:::example-development/*"
}
]
}
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Allow Get",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::example-development/*"
},
{
"Sid": "AddPerm",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::123456789:user/example"
},
"Action": "s3:*",
"Resource": ["arn:aws:s3:::example-development/*","arn:aws:s3:::example-development"]
}
]
}