[英]Can I set a policy for certain file in an S3 bucket?
I have an S3 bucket "mybucket" with loads of files in it for example: 我有一个S3存储桶“ mybucket”,其中包含许多文件,例如:
upload1/123.jpg
public/353.jpg
public/123.jpg
upload2/33.jpg
upload3/423.jpg
As I understand it the folders are just a convenience and are just objects anyways. 据我了解,文件夹只是一种方便,无论如何都只是对象。 So is it possible to make all the public/* objects public but not the others?
那么是否有可能使所有public / *对象成为公共对象,而不是其他对象? How can I do this?
我怎样才能做到这一点?
EDIT: I've done so more reading, would something like this work and not affect anything else? 编辑:我已经做了更多的阅读,这样的工作会不会影响到其他任何事情?
{
"Id": "Policy1415732583092",
"Statement": [
{
"Sid": "Stmt1415732573054",
"Action": [
"s3:GetObject"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::mybucket/public/*",
"Principal": {
"AWS": [
"*"
]
}
}
]
}
Yes this works just fine. 是的,这很好。 You can add this policy to your bucket permissions:
您可以将此策略添加到存储桶权限中:
{
"Version": "2012-10-17",
"Id": "123",
"Statement": [
{
"Sid": "",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:**",
"Resource": "arn:aws:s3:::mybucket/public/*"
}
]
}
Then add a file called test.html to your public folder and one of your private folders: 然后将一个名为test.html的文件添加到您的公用文件夹和一个私人文件夹中:
<html>
<body>
test
</body>
</html>
Then enable static web hosting on the s3 bucket and then go to the S3 endpoint in a web browser (for me in US Standard this would be: http://s3.amazonaws.com/mybucket/public/test.html
) and you will see the web page displayed, but when you try to access this page through the private bucket you will see that it fails. 然后在s3存储桶上启用静态虚拟主机,然后在Web浏览器中转到S3端点(对我来说,在美国标准中,这将是:
http://s3.amazonaws.com/mybucket/public/test.html
: http://s3.amazonaws.com/mybucket/public/test.html
),您会看到显示的网页,但是当您尝试通过私有存储桶访问该页面时,您会看到它失败。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.