堆栈内存溢出
  简体   繁体   English

允许下载到特定 IP 地址的 S3 访问策略

[英]S3 access policy to allow download to a specific IP address

 原文  2019-07-06 16:02:37       amazon-web-services/ amazon-s3/ acl

问题描述

I'm trying to implement a batch virus scanner.我正在尝试实现批处理病毒扫描程序。 I have a cron job set up to periodically scan unscanned files stored on S3.我设置了一个 cron 作业来定期扫描存储在 S3 上的未扫描文件。 Whenever I try to wget the file, I get a 403 .每当我尝试 wget 文件时,我都会收到403

I've set up this policy:我已经制定了这个政策:

{
    "Version": "2012-10-17",
    "Id": "S3PolicyIPRestrict",
    "Statement": [
        {
            "Sid": "IPAllow",
            "Effect": "Allow",
            "Principal": {
                "AWS": "*"
            },
            "Action": "s3:*",
            "Resource": "arn:aws:s3:::bucket/*",
            "Condition": {
                "IpAddress": {
                    "aws:SourceIp": "ip of my address/32"
                }
            }
        }
    ]
}

Any idea what I'm doing wrong?知道我做错了什么吗?

1 个解决方案

解决方案1
 0  2021-09-15 22:57:38

Use the below bucket policy if you want to allow specfic ip address to access the files on s3 bucket.如果您想允许特定 IP 地址访问 s3 存储桶上的文件,请使用以下存储桶策略。 

 { "Version": "2012-10-17", "Id": "S3PolicyId1", "Statement": [ { "Sid": "IPAllow", "Effect": "Allow", "Principal": "*", "Action": "s3:*", "Resource": [ "arn:aws:s3:::<bucket>", "arn:aws:s3:::<bucket>/*" ], "Condition": { "IpAddress": { "aws:SourceIp": "<IP>/32" } } } ] }

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 将对S3的访问限制为特定的IP地址 - Restricting Access to S3 to a Specific IP Address Amazon S3文件基于IP地址访问策略 - Amazon S3 files access policy based on IP Address S3存储桶策略以允许访问特定角色并限制所有角色 - S3 Bucket Policy to Allow access to specific roles and restrict all Amazon S3存储桶策略允许访问仅特定的http - Amazon S3 bucket policy allow access to ONLY specific http 允许访问特定用户并限制所有用户的 S3 存储桶策略 - S3 Bucket Policy to Allow access to specific users and restrict all 允许从IP地址或IAM用户进行访问的AWS访问策略 - AWS access policy to allow access from an IP address or an IAM user AWS S3仅允许将存储桶中的图像显示在特定的IP地址上 - AWS S3 only allow an image from the bucket to be shown on specific IP address 允许用户访问特定 S3 存储桶以进行备份的 AWS IAM 策略 - AWS IAM Policy to allow user access to specific S3 bucket for backup 如何定义仅特定存储桶仅允许对该存储桶执行S3完全访问策略? - How to define Specific Bucket Only Allow S3 Full Access Policy to that bucket only? 允许 S3 访问同一账户中特定 IAM 角色的 IAM 策略 - IAM policy to allow S3 access to specific IAM role in the same account
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM