[英]AWS CDK : Why S3 bucket policy occurs error
I try to deploy S3 bucket by CDK in TypeScript.我尝试在 TypeScript 中通过 CDK 部署 S3 存储桶。 When the code is executed, an error occurs even if I have a privilige of administrator.
执行代码时,即使我有管理员权限,也会发生错误。 Anyone knows the reason?
有人知道原因吗?
export class S3Stack extends cdk.Stack {
constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) {
super(scope, id, props);
const s3Example = new s3.Bucket(this, 'bucket', {
versioned: false,
bucketName: 'bucket',
publicReadAccess: false,
blockPublicAccess: s3.BlockPublicAccess.BLOCK_ALL,
removalPolicy: cdk.RemovalPolicy.DESTROY
});
const s3ExamplePolicyDocument = {
"Version": "2012-10-17",
"Statement": [
{
"Sid": "FirstStatement",
"Effect": "Allow",
"Action": [
"s3:List*",
"s3:Get*"
],
"Resource": [
"arn:aws:s3:::bucket",
"arn:aws:s3:::bucket/*"
],
"Principal": "*",
}
]
};
const s3ExamplePolicy = iam.PolicyDocument.fromJson(s3ExamplePolicyDocument);
new s3.CfnBucketPolicy(this, 'bucketpolicy', {
bucket: s3Example.bucketName,
policyDocument: s3ExamplePolicy
});
}
}
Error message错误信息
API: s3:PutBucketPolicy Access Denied
I found the solution.我找到了解决方案。 This is caused because I try to apply public permission to non-public bucket.
这是因为我尝试将公共权限应用于非公共存储桶。 After I modified s3ExamplePolicyDocument, it works
在我修改了 s3ExamplePolicyDocument 之后,它可以工作了
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.