C# 用于S3的AWS列表用户文件夹
创建一个C#应用程序,以查看AWS S3中存储的文件夹和文件,供注册到我的网站的客户端使用 目前,我可以创建IAM用户并将其权限分配给特定文件夹。但是当我试图查看文件夹及其内容时遇到问题。如果我使用AWS访问密钥和密钥,我可以查看文件夹,但我想知道是否有用户级凭据可用于检索授予用户权限的文件夹 这就是我目前所得到的C# 用于S3的AWS列表用户文件夹,c#,amazon-web-services,amazon-s3,amazon-iam,C#,Amazon Web Services,Amazon S3,Amazon Iam,创建一个C#应用程序,以查看AWS S3中存储的文件夹和文件,供注册到我的网站的客户端使用 目前,我可以创建IAM用户并将其权限分配给特定文件夹。但是当我试图查看文件夹及其内容时遇到问题。如果我使用AWS访问密钥和密钥,我可以查看文件夹,但我想知道是否有用户级凭据可用于检索授予用户权限的文件夹 这就是我目前所得到的 Policy pl = GeneratePolicy(bucketName, foldername); Credentials cre
Policy pl = GeneratePolicy(bucketName, foldername);
Credentials creds = GetFederatedCredentials(pl, username);
var sessionCredentials = new SessionAWSCredentials(creds.AccessKeyId, creds.SecretAccessKey, creds.SessionToken);
using (var client = new AmazonS3Client(sessionCredentials, Amazon.RegionEndpoint.USEast1))
{
var response = client.ListObjects(request);
foreach (var subFolder in response.CommonPrefixes)
{
/* list the sub-folders */
Console.WriteLine(subFolder);
}
foreach (var file in response.S3Objects)
{
/* list the files */
}
}
但是在client.ListObjects(请求)上获取错误-拒绝访问错误
这是GeneratePolicy代码
public static Policy GeneratePolicy(string bucket, string username)
{
var statement = new Statement(Statement.StatementEffect.Allow);
// Allow access to the sub folder represented by the username in the bucket
statement.Resources.Add(ResourceFactory.NewS3ObjectResource(bucket, username + "/*"));
// Allow Get and Put object requests.
statement.Actions = new List<ActionIdentifier>() { S3ActionIdentifiers.GetObject, S3ActionIdentifiers.PutObject };
// Lock the requests coming from the client machine.
//statement.Conditions.Add(ConditionFactory.NewIpAddressCondition(ipAddress));
var policy = new Policy();
policy.Statements.Add(statement);
return policy;
}
任何帮助都将不胜感激。提前感谢您应该在语句中添加“ListBucket”。操作
public static Credentials GetFederatedCredentials(Policy policy, string username)
{
var request = new GetFederationTokenRequest()
{
Name = username,
Policy = policy.ToJson()
};
var stsClient = new AmazonSecurityTokenServiceClient(AWS_ACCESS_KEY, AWS_SECRET_KEY, Amazon.RegionEndpoint.USEast1);
var response = stsClient.GetFederationToken(request);
return response.GetFederationTokenResult.Credentials;
}