堆栈内存溢出
  简体   繁体   English

保护Amazon S3存储桶

[英]Securing Amazon S3 bucket

 原文  2014-07-23 01:43:04       c#/ amazon-web-services/ amazon-s3

问题描述

I create my AWS client without passind in my token or secret, like this: 我创建我的AWS客户端时无需在令牌或密码中添加passind,如下所示: 

AWSClientFactory.CreateAmazonS3Client()

I am then able to upload an image using: 然后,我可以使用以下方式上传图片: 

var request = new PutObjectRequest
                {
                    BucketName = _bucketName,
                    CannedACL = S3CannedACL.PublicRead,
                    Key = key,
                    InputStream = inputStream,
                    ContentType = contentType
                };

                _amazonS3Client.PutObject(request);

I have specified the permissions for my bucket so that only I have access to write, but judging by this code I must be wronge as I am not passing in my credentials? 我已经为我的存储桶指定了权限,以便只有我可以写权限,但是根据此代码判断,由于我未传递我的凭据,所以我一定很不高兴?

Have I incorectly configured my S3 bucket? 我是否错误地配置了S3存储桶?

2 个解决方案

解决方案1
 1  2014-07-23 04:34:39

You have created Amazon S3 Client without passing your AWS credentials,either it create a client for the Amazon S3 Service with the credentials loaded from the application's default configuration, and if unsuccessful from the Instance Profile service on an EC2 instance. 您已创建Amazon S3 Client而不传递您的AWS凭证,或者使用从应用程序的默认配置加载的凭证为Amazon S3服务创建了客户端,或者在EC2实例上从Instance Profile Service中未成功创建客户端。

Example App.config with credentials set. 设置了凭据的示例App.config。

For example : App.config with credentials set: 例如:设置了凭据的App.config: 

<?xml version="1.0" encoding="utf-8" ?> <configuration>
    <appSettings>
        <add key="AWSAccessKey" value="********************"/>
        <add key="AWSSecretKey" value="****************************************"/>
    </appSettings> </configuration>

Thus, you are able to successfully upload objects into your S3 Bucket. 因此,您可以成功将对象上传到S3存储桶。

See for more details : http://docs.aws.amazon.com/sdkfornet1/latest/apidocs/html/T_Amazon_AWSClientFactory.htm 请参阅以获取更多详细信息: http : //docs.aws.amazon.com/sdkfornet1/latest/apidocs/html/T_Amazon_AWSClientFactory.htm

解决方案2
 0  2016-03-17 16:12:55

If you follow aws documentation, you will see there is few ways to create the credential files where the AWS SDK can access it directly ( http://docs.aws.amazon.com/AWSSdkDocsNET/V2/DeveloperGuide/net-dg-config-creds.html ) 如果您遵循aws文档,将会看到有几种方法可以创建可直接用于AWS开发工具包访问的凭证文件( http://docs.aws.amazon.com/AWSSdkDocsNET/V2/DeveloperGuide/net-dg-config -creds.html

Check the line that say "There are several ways to manage the profiles in the SDK Store" . 选中“在SDK Store中有几种方法来管理配置文件”行。 Use the documentation to inspect which configuration you use. 使用文档检查您使用的配置。

You can test the connection by replacing the say credential file that you setup with invalid string, eg "XXXXXXXX" and try connect again to prove it. 您可以通过使用无效的字符串(例如“ XXXXXXXX”)替换您设置的验证文件来测试连接,然后尝试再次连接以证明这一点。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 检查 Amazon S3 存储桶上是否存在文件夹 - Check if folder exist on Amazon S3 bucket 如何在亚马逊 s3 存储桶中创建子目录 - How to create subdirectory in amazon s3 bucket 带有Amazon S3存储桶的AWS Sync文件 - AWS Sync files with amazon s3 bucket 如何检查Amazon S3存储桶是否为空 - How to check if Amazon S3 bucket is empty 亚马逊s3斗可以用于排队吗? - Can amazon s3 bucket be used for queues? 将文件上传到Amazon S3存储桶 - Upload file to Amazon S3 bucket 在事务中写入 Amazon S3 存储桶和 Amazon RDS - Write to Amazon S3 bucket and Amazon RDS withinin a transaction Amazon S3存储桶C#API未捕获错误 - Amazon S3 Bucket C# API Not Catching Errors 无法替换Amazon S3存储桶中的文件 - can't replace file in amazon s3 bucket 如何从Amazon S3存储桶获取最早添加的对象? - How to get the oldest added object from Amazon S3 Bucket?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM