堆栈内存溢出
  简体   繁体   English

Boto3 S3 错误 - 调用 PutObjectAcl 时拒绝访问

[英]Boto3 S3 error - AccessDenied when calling the PutObjectAcl

 原文  2019-03-15 05:20:13       amazon-web-services/ amazon-s3/ boto3/ acl

问题描述

Trying to generate a publicly-accessible URL for a file that was uploaded into an S3 bucket using the following code:尝试使用以下代码为上传到 S3 存储桶的文件生成可公开访问的 URL:

client = boto3.client('s3', config=botocore.client.Config(signature_version=botocore.UNSIGNED))
client.put_object_acl(Bucket="my-bucket", Key=filename, ACL='public-read')

throws the exception:抛出异常:

botocore.exceptions.ClientError: An error occurred (AccessDenied) when calling the PutObjectAcl operation: Access Denied

My S3 bucket has the following policy:我的 S3 存储桶具有以下策略:

{
    "Version": "2008-10-17",
    "Statement": [
        {
            "Sid": "",
            "Effect": "Allow",
            "Principal": {
                "AWS": "*"
            },
            "Action": [
                "s3:GetObject",
                "s3:GetObjectAcl",
                "s3:PutObjectAcl"
            ],
            "Resource": "arn:aws:s3:::my-bucket/*",
            "Condition": {}
        }
    ]
}

Any tips would be most welcome!任何提示将是最受欢迎的! Thanks谢谢

1 个解决方案

解决方案1
 0  2022-02-24 20:56:46

Pay attention that you also need to adjust KMS key access:注意你还需要调整KMS密钥访问:
https://aws.amazon.com/premiumsupport/knowledge-center/copy-s3-objects-account/ https://aws.amazon.com/premiumsupport/knowledge-center/copy-s3-objects-account/

Important: If your S3 bucket has default encryption with AWS Key Management Service (AWS KMS) enabled, then you must also modify the AWS KMS key permissions.重要提示:如果您的 S3 存储桶启用了 AWS Key Management Service (AWS KMS) 的默认加密,则您还必须修改 AWS KMS 密钥权限。 For instructions, see My Amazon S3 bucket has default encryption using a custom AWS KMS key.有关说明,请参阅我的 Amazon S3 存储桶使用自定义 AWS KMS 密钥进行默认加密。 How can I allow users to download from and upload to the bucket?如何允许用户从存储桶下载和上传到存储桶?

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 使用Boto3从无服务器Lambda函数调用AWS S3存储桶时出现AccessDenied错误消息 - AccessDenied error message when calling aws s3 buckets from serverless lambda function with boto3 AWS S3 Boto3 Python - 调用 DeleteObject 操作时发生错误 (AccessDenied):拒绝访问 - AWS S3 Boto3 Python - An error occurred (AccessDenied) when calling the DeleteObject operation: Access Denied 如何修复 AWS s3 boto3 中的“调用 GetObject 操作时出现 AuthorizationHeaderMalformed”错误 - How to fix "AuthorizationHeaderMalformed when calling the GetObject operation" error in AWS s3 boto3 Boto3 在调用 PutObject 操作时返回错误(AccessDenied):Access Denied - Boto3 returns An error occurred (AccessDenied) when calling the PutObject operation: Access Denied AWS BOTO3 S3 python - 调用 HeadObject 操作时发生错误 (404):未找到 - AWS BOTO3 S3 python - An error occurred (404) when calling the HeadObject operation: Not Found Boto3 上传文件 API 作为 IAM 用户给出错误“调用 PutObject 操作时发生错误 (AccessDenied):访问被拒绝” - Boto3 Upload file API as an IAM user is giving the error “An error occurred (AccessDenied) when calling the PutObject operation: Access Denied” boto3 s3 复制对象错误 - boto3 s3 copyObject error 使用 Boto3 S3 资源时 S3 Ninja 端点抛出无法连接错误 - S3 Ninja endpoint throws could not connect error when using Boto3 S3 resource boto3.exceptions.S3UploadFailedError: 调用 PutObject 操作时发生错误 (AccessDenied):拒绝访问 - boto3.exceptions.S3UploadFailedError: An error occurred (AccessDenied) when calling the PutObject operation: Access Denied boto3 s3 api 在调用 GetBucketPolicyStatus 操作时失败并显示“(NoSuchBucketPolicy)” - boto3 s3 api failing with “(NoSuchBucketPolicy) when calling the GetBucketPolicyStatus operation”
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM