我正在尝试使用 VB.Net 代码访问 Amazon S3 的存储桶。例如,
Dim config As AmazonS3Config = New AmazonS3Config config.ServiceURL = “https://s3-us-west-2.s3-website-us-west-2.amazonaws.com/scrape-pool/daily“客户端 = Amazon.AWSClientFactory.CreateAmazonS3Client(access_key,secret_access_key,config)客户端 = Amazon.AWSClientFactory.CreateAmazonS3Client Dim 请求作为新的 PutObjectRequest()Dim S3_KEY 作为字符串 = “Demo_Create_File_For_Test_AmazonS3.txt”
Try
request.WithBucketName(bucket_name)
request.WithKey(S3_KEY)
request.WithContentBody("This is body of S3 object.")
client.PutObject(request)
Catch ex As Exception
End Try
而且,我有如下所示的访问权限,这是我的公司授予的,用于访问 Amazon S3 存储桶。但我无法访问存储桶。它总是显示“拒绝访问”,您能否建议我应该拥有哪些访问权限,以便我可以访问存储桶?
{ "声明": [ { "效果": "允许", "动作": ["s3:"], "资源": [ "arn:aws:s3:::scrape-pool/daily/" ] }, { "效果": "允许", "动作": ["s3:ListBucket"], "资源": [ "arn:aws:s3:::scrape-pool" ] } ] }
请给予指导,谢谢
答案1
该策略声明不会授予您对存储桶前缀的完整权限。该部分:
{ "Effect": "Allow", "Action": ["s3:"], "Resource": [ "arn:aws:s3:::scrape-pool/daily/" ] }
看起来应像这样(添加一个 * ):
{ "Effect": "Allow", "Action": ["s3:*"], "Resource": [ "arn:aws:s3:::scrape-pool/daily/" ] }
这将授予您该前缀的完整 S3 权限。