[英]AWS S3 Bucket Policy to allow read-only access from my instances
Is it possible to create an S3 bucket policy that allows read-only access from my EC2 instances? 是否可以创建一个S3存储桶策略,以允许从我的EC2实例进行只读访问? I tried a bunch of things, but I can't figure out what to use for the principal.
我尝试了很多事情,但是我不知道要为校长使用什么。
The principal will be the role. 主体将是角色。
ie: arn:aws:iam::accountnumber:role/rolename 即:arn:aws:iam :: accountnumber:role / rolename
This post describes how to do it: 这篇文章介绍了如何做到这一点:
http://www.tothenew.com/blog/role-based-s3-access-from-a-specific-ec2-instance/ http://www.tothenew.com/blog/role-based-s3-access-from-a-specific-ec2-instance/
just ignore the part about the IP address since you won't need it. 只需忽略IP地址部分,因为您将不需要它。
您应该为实例分配一个角色,该角色允许访问S3存储桶。
The issue is that: 问题是:
This explains how to use userid instead: 这说明了如何使用用户标识:
https://aws.amazon.com/blogs/security/how-to-restrict-amazon-s3-bucket-access-to-a-specific-iam-role/ https://aws.amazon.com/blogs/security/how-to-restrict-amazon-s3-bucket-access-to-a-specific-iam-role/
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.