在 AWS S3 存储桶上设置 IAM 策略(允许更改 ACL)
[英]Setting IAM Policy on AWS S3 Bucket (allow change ACL)
问题描述
I am just setting up an IAM for an external contractor who will be updating our website which is located in an S3 bucket www.mybucketsite.com
我只是为外部承包商设置 IAM,该承包商将更新我们位于 S3 存储桶www.mybucketsite.com
I am having trouble trying to allocate them the right permissions which will allow them to change the ACLs on individual files to make them public or private after uploading.我在尝试为他们分配正确的权限时遇到问题,这将允许他们更改单个文件的 ACL,以便在上传后将它们设为公开或私有。
Current IAM Policy is as thus:当前的 IAM 政策如下:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:GetBucketLocation",
"s3:ListAllMyBuckets"
],
"Resource": "arn:aws:s3:::*"
},
{
"Effect": "Allow",
"Action": [
"s3:ListBucket"
],
"Resource": [
"arn:aws:s3:::www.mybucketsite.com"
]
},
{
"Effect": "Allow",
"Action": [
"s3:PutObject",
"s3:GetObject",
"s3:DeleteObject",
"s3:GetObjectAcl",
"s3:PutObjectAcl"
],
"Resource": [
"arn:aws:s3:::www.mybucketsite.com/*"
]
}
]
}
So far, they can see, upload and delete files just fine.到目前为止,他们可以很好地查看、上传和删除文件。 When changing ACL's though, they can see existing ACL settings, but they are getting a 'Permission Denied' error message back when trying to update them.但是,在更改 ACL 时,他们可以看到现有的 ACL 设置,但在尝试更新它们时会收到“权限被拒绝”错误消息。
What have I missed out on?我错过了什么?
1 个解决方案
解决方案1
0 2019-12-02 08:36:53
You need to configure the block public access permissions associated with your bucket where you can allow all options or select options as per screenshot.您需要配置与您的存储桶关联的阻止公共访问权限,您可以在其中允许所有选项或根据屏幕截图选择选项。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.