Warning: file_get_contents(/data/phpspider/zhask/data//catemap/0/asp.net-mvc/15.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181

Warning: file_get_contents(/data/phpspider/zhask/data//catemap/1/amazon-web-services/14.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Asp.net mvc 如何防止错误的发生';访问被拒绝';使用Asp.net mvc在AWS bucket中上载文件时_Asp.net Mvc_Amazon Web Services_Amazon S3 - Fatal编程技术网
Fatal编程技术网
  • asp.net-mvc/
  • Asp.net mvc 如何防止错误的发生';访问被拒绝';使用Asp.net mvc在AWS bucket中上载文件时

Asp.net mvc 如何防止错误的发生';访问被拒绝';使用Asp.net mvc在AWS bucket中上载文件时

asp.net-mvc amazon-web-services amazon-s3

Asp.net mvc 如何防止错误的发生';访问被拒绝';使用Asp.net mvc在AWS bucket中上载文件时,asp.net-mvc,amazon-web-services,amazon-s3,Asp.net Mvc,Amazon Web Services,Amazon S3,我尝试在asp.net mvc的s3 bucket中上传文件, 我得到一个权限错误。请让我知道我哪里做错了。我还添加了IAM s3策略, 我的桶政策如下 { "Version": "2012-10-17", "Statement": [ { "Sid": "AddCannedAcl", "Effect": "Allow", "Principal": { "AWS

我尝试在asp.net mvc的s3 bucket中上传文件, 我得到一个权限错误。请让我知道我哪里做错了。我还添加了IAM s3策略, 我的桶政策如下

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "AddCannedAcl",
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::10250405040:user/someone"
            },
            "Action": [
                "s3:PutObject",
                "s3:PutObjectAcl"
            ],
            "Resource": "arn:aws:s3:::something/*",
            "Condition": {
                "StringEquals": {
                    "s3:x-amz-acl": "public-read"
                }
            }
        }
    ]
}
我的IAM政策

 {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:ListAllMyBuckets",
                "s3:PutObject",
                "s3:GetObject"
            ],
            "Resource": [
                "arn:aws:s3:::*"
            ]
        }
    ]
}
这是我的密码 以下变量在控制器类中全局声明。 并将其发送到下面的上传方法中的AmazonS3Client方法

private static readonly string _awsAccessKey = "something";
private static readonly string _awsSecretKey = "something";
private static readonly string _bucketName = "something";
[HttpPost]
public ContentResult UploadImgsAndInsertIncident()
    {
        try
        {
            foreach (string file in Request.Files)
            {
                var uploadedFile = Request.Files[file];
                if (uploadedFile != null)
                {
                    AmazonS3Config S3Config = new AmazonS3Config
                    {
                        //its default region set by amazon
                        SignatureVersion = "4",
                        RegionEndpoint = RegionEndpoint.USEast1,
                        SignatureMethod = SigningAlgorithm.HmacSHA256
                    };

                    AmazonS3Client client;
                    using (client = new Amazon.S3.AmazonS3Client(_awsAccessKey, _awsSecretKey, S3Config))
                    {

                        var request = new PutObjectRequest()
                        {
                            BucketName = _bucketName,
                            CannedACL = S3CannedACL.PublicRead,//PERMISSION TO FILE PUBLIC ACCESIBLE
                            Key = string.Format("UPLOADS/{0}", uploadedFile.FileName),
                            InputStream = uploadedFile.InputStream//SEND THE FILE STREAM
                        };

                        var response = client.PutObject(request);
                        if (Convert.ToString(response.HttpStatusCode) == "OK")
                        {
                            //do what you want..
                        }
                    }
                }
            }

        }

        catch (Exception)
        {

        }
        return Content("Success");
    }
在这条线上

var response = client.PutObject(request);
获取异常,即“访问被拒绝”。
那么问题出在哪里?我缺少什么?

我们必须编辑公共访问设置,然后需要为您的帐户和存储桶将前两个选项设置为false,最后两个选项设置为true。 例如:

“bucketName”是您真正的bucket名称,还是这只是一个示例?:)这只是一个示例,您的bucket策略指定了IAM用户。您是以IAM用户身份运行代码还是使用IAM角色运行代码?你能发布你的IAM策略吗?是的,我用IAM用户运行代码。我添加了我的IAM策略 
Manage public access control lists (ACLs):
        Block new public ACLs and uploading public objects (Recommended)
                False
        Remove public access granted through public ACLs (Recommended)
                False

Manage public bucket policies:
        Block new public bucket policies (Recommended)
                True
        Block public and cross-account access if bucket has public policies (Recommended)
                True