您的位置: 首页  >  技术问答  >  AWS S3:访问,同时上传文件

AWS S3:访问,同时上传文件

分类: 技术问答 2022-06-23 17:45:56
问题描述:

我想上传一个文件,通过PHP SDK AWS S3水桶,为了做到这一点我创建了一个IAM用户拒绝,并增加了内嵌政策AWS S3:访问,同时上传文件

{ 
    "Version": "2012-10-17", 
    "Statement": [ 
     { 
      "Effect": "Allow", 
      "Action": [ 
       "s3:ListBucket", 
       "s3:GetBucketLocation" 
      ], 
      "Resource": "arn:aws:s3:::bucket/*" 
     }, 
     { 
      "Effect": "Allow", 
      "Action": [ 
       "s3:PutObject", 
       "s3:GetObject", 
       "s3:DeleteObject" 
      ], 
      "Resource": "arn:aws:s3:::bucket/*" 
     } 
    ] 
}

这是我的PHP代码

$s3 = new S3Client([ 
    'version' => 'latest', 
    'region' => 'ap-south-1', 
    'credentials' => 
     array(
      'key'=>'X', 
      'secret' =>'X' 
     ) 
]); 

try { 
    $s3->putObject([ 
     'Bucket' => 'candy-prototype', 
     'Key' => 'my-object.txt', 
     'Body' => fopen('test.txt', 'r'), 
     'ACL' => 'public-read', 
    ]); 
} catch (Aws\S3\Exception\S3Exception $e) { 
    echo $e->getMessage(); 
    echo "There was an error uploading the file.\n"; 
}

但它会抛出拒绝访问异常

Error executing "PutObject" on "https://s3.<region>.amazonaws.com/bucket/my-object.txt"; AWS HTTP

error: Client error: PUT https://s3.ap-south-1.amazonaws.com/candy-prototype/my-object.txt resulted in a 403 Forbidden response: AccessDeniedAccess DeniedC21D9D (truncated...) AccessDenied (client): Access Denied - AccessDeniedAcces UPDATE

授予读写行政许可法到everyone,但它没有奏效。 IAM用户可以能够上传/删除AWS网络adminpanel /视图,但是API访问被拒绝

ListBucket & GetBucketLocation应适用于斗,不斗/ * 变化的第一部分的资源政策

{ 
     "Effect": "Allow", 
     "Action": [ 
      "s3:ListBucket", 
      "s3:GetBucketLocation" 
     ], 
     "Resource": "arn:aws:s3:::bucket" 
    },

参考this文档

相关推荐