[英]AWS EC2 IAM role access denied on S3
I have launched an EC2 instance with IAM role "webapp".我已经启动了一个具有 IAM 角色“webapp”的 EC2 实例。 role is attached and i can confirm it using
角色已附加,我可以使用
curl http://169.254.169.254/latest/meta-data/iam/security-credentials/webapp
{
"Code" : "Success",
"LastUpdated" : "2016-01-04T06:44:50Z",
"Type" : "AWS-HMAC",
"AccessKeyId" : "xxx",
"SecretAccessKey" : "xxx",
"Token" : "xxx",
"Expiration" : "2016-01-04T12:46:27Z"
}
webapp Role has an attached policy for S3 webapp 角色具有 S3 的附加策略
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "s3:*",
"Resource": "*"
}
]
}
But I am unable to access objects on S3.但我无法访问 S3 上的对象。 I am using aws-php-sdk
我正在使用 aws-php-sdk
require_once 'vendor/autoload.php';
use Aws\S3\S3Client;
$client = S3Client::factory(array('region' => 'us-west-2','version'=>'2006-03-01'));
$result = $client->getObject(array(
'Bucket' => 'test-bkt88767',
'Key' => "file.txt",
));
echo $result['Body'] . "\n";
I am getting a 403 forbidden我收到 403 禁止
PHP Fatal error: Uncaught exception 'Aws\S3\Exception\S3Exception' with message 'Error executing "GetObject" on "https://s3-us-west-2.amazonaws.com/test-bkt88767/file.txt"; AWS HTTP error: Client error: `GET https://s3-us-west-2.amazonaws.com/test-bkt88767/file.txt` resulted in a `403 Forbidden` response:
<?xml version="1.0" encoding="UTF-8"?>
<Error><Code>AccessDenied</Code><Message>Access Denied</Message><RequestId>995F9A (truncated...)
AccessDenied (client): Access Denied - <?xml version="1.0" encoding="UTF-8"?>
<Error><Code>AccessDenied</Code><Message>Access Denied</Message><RequestId>995F9AC51CC2164F</RequestId><HostId>JPKyfP1LBLW5ky2wH9t2CEjHrKT0tI9zgyXHU/qcJWvBoOwhK7O0dzl1wCjjzV58UhKZVHXvFFg=</HostId></Error>'
do I need to change bucket permissions as well?我还需要更改存储桶权限吗? or I am doing something wrong with the conf.
或者我在 conf 上做错了什么。 of EC2?
EC2的?
您能否检查是否为在 S3 存储桶上没有正确访问权限的任何用户配置了 AWS 密钥和访问 ID,或者您可以尝试使用另一个访问 s3 API,我有时会遇到同样的问题。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.