堆栈内存溢出
  简体   繁体   English

AWS CDK:为什么 S3 存储桶策略发生错误

[英]AWS CDK : Why S3 bucket policy occurs error

 原文  2021-03-01 09:06:31       amazon-web-services/ amazon-s3/ aws-cdk

问题描述

I try to deploy S3 bucket by CDK in TypeScript.我尝试在 TypeScript 中通过 CDK 部署 S3 存储桶。 When the code is executed, an error occurs even if I have a privilige of administrator.执行代码时,即使我有管理员权限,也会发生错误。 Anyone knows the reason?有人知道原因吗?

export class S3Stack extends cdk.Stack {
  constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) {
    super(scope, id, props);

    const s3Example = new s3.Bucket(this, 'bucket', {
      versioned: false,
      bucketName: 'bucket',
      publicReadAccess: false,
      blockPublicAccess: s3.BlockPublicAccess.BLOCK_ALL,
      removalPolicy: cdk.RemovalPolicy.DESTROY
    });

    const s3ExamplePolicyDocument = {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Sid": "FirstStatement",
          "Effect": "Allow",
          "Action": [
            "s3:List*",
            "s3:Get*"
          ],
          "Resource": [
            "arn:aws:s3:::bucket",
            "arn:aws:s3:::bucket/*"
          ],
          "Principal": "*",
        }
      ]
    };

    const s3ExamplePolicy = iam.PolicyDocument.fromJson(s3ExamplePolicyDocument);

    new s3.CfnBucketPolicy(this, 'bucketpolicy', {
      bucket: s3Example.bucketName,
      policyDocument: s3ExamplePolicy
    });
  }
}

Error message错误信息

API: s3:PutBucketPolicy Access Denied

1 个解决方案

解决方案1
 0  2021-03-02 01:22:56

I found the solution.我找到了解决方案。 This is caused because I try to apply public permission to non-public bucket.这是因为我尝试将公共权限应用于非公共存储桶。 After I modified s3ExamplePolicyDocument, it works在我修改了 s3ExamplePolicyDocument 之后,它可以工作了

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 AWS CDK 中 S3 存储桶策略中的白名单 IP 地址 - Whitelist IP Address in S3 Bucket Policy in AWS CDK aws s3 存储桶策略 - aws s3 bucket policy AWS S3存储桶策略 - AWS S3 bucket policy 如何将生命周期策略添加到 AWS CDK Typescript 中的现有 S3 存储桶 - How to add a lifecycle policy to an existing S3 bucket in AWS CDK Typescript 不确定为什么这个aws s3存储桶策略不起作用? - Not sure why this aws s3 bucket policy isn't working? AWS S3存储桶策略引发访问被拒绝错误 - AWS S3 Bucket Policy throws Access Denied Error AWS Cloudformation 模板 - S3 存储桶策略 - MalformedPolicy 错误 - AWS Cloudformation template - S3 bucket policy - MalformedPolicy error AWS CDK 错误:存储桶上已存在存储桶策略 - AWS CDK Error: bucket policy already exists on bucket AWS CDK S3 存储桶创建错误 - Bucket_Name 已存在 - AWS CDK S3 Bucket Creation Error - Bucket_Name already exisits AWS S3存储桶策略未按预期运行 - aws s3 Bucket policy not working as expected
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM