C# 用于S3的AWS列表用户文件夹_C#_Amazon Web Services_Amazon S3_Amazon Iam

C# 用于S3的AWS列表用户文件夹

c# amazon-web-services amazon-s3

C# 用于S3的AWS列表用户文件夹,c#,amazon-web-services,amazon-s3,amazon-iam,C#,Amazon Web Services,Amazon S3,Amazon Iam,创建一个C#应用程序，以查看AWS S3中存储的文件夹和文件，供注册到我的网站的客户端使用目前，我可以创建IAM用户并将其权限分配给特定文件夹。但是当我试图查看文件夹及其内容时遇到问题。如果我使用AWS访问密钥和密钥，我可以查看文件夹，但我想知道是否有用户级凭据可用于检索授予用户权限的文件夹这就是我目前所得到的 Policy pl = GeneratePolicy(bucketName, foldername); Credentials cre

创建一个C#应用程序，以查看AWS S3中存储的文件夹和文件，供注册到我的网站的客户端使用

目前，我可以创建IAM用户并将其权限分配给特定文件夹。但是当我试图查看文件夹及其内容时遇到问题。如果我使用AWS访问密钥和密钥，我可以查看文件夹，但我想知道是否有用户级凭据可用于检索授予用户权限的文件夹

这就是我目前所得到的

            Policy pl = GeneratePolicy(bucketName, foldername);
            Credentials creds = GetFederatedCredentials(pl, username);


            var sessionCredentials = new SessionAWSCredentials(creds.AccessKeyId, creds.SecretAccessKey, creds.SessionToken);

            using (var client = new AmazonS3Client(sessionCredentials, Amazon.RegionEndpoint.USEast1))
            {
                var response = client.ListObjects(request);

                foreach (var subFolder in response.CommonPrefixes)
                {
                    /* list the sub-folders */

                    Console.WriteLine(subFolder);
                }
                foreach (var file in response.S3Objects)
                {
                    /* list the files */
                }
            }

但是在client.ListObjects（请求）上获取错误-拒绝访问错误

这是GeneratePolicy代码

public static Policy GeneratePolicy(string bucket, string username)
    {
        var statement = new Statement(Statement.StatementEffect.Allow);

        // Allow access to the sub folder represented by the username in the bucket
        statement.Resources.Add(ResourceFactory.NewS3ObjectResource(bucket, username + "/*"));

        // Allow Get and Put object requests.
        statement.Actions = new List<ActionIdentifier>() { S3ActionIdentifiers.GetObject, S3ActionIdentifiers.PutObject };

        // Lock the requests coming from the client machine.
        //statement.Conditions.Add(ConditionFactory.NewIpAddressCondition(ipAddress));

        var policy = new Policy();
        policy.Statements.Add(statement);

        return policy;
    }

任何帮助都将不胜感激。提前感谢

您应该在语句中添加“ListBucket”。操作

public static Credentials GetFederatedCredentials(Policy policy, string username)
    {
        var request = new GetFederationTokenRequest()
        {
            Name = username,
            Policy = policy.ToJson()
        };

        var stsClient = new AmazonSecurityTokenServiceClient(AWS_ACCESS_KEY, AWS_SECRET_KEY, Amazon.RegionEndpoint.USEast1);

        var response = stsClient.GetFederationToken(request);
        return response.GetFederationTokenResult.Credentials;
    }