S3:即使附加了 AmazonS3FullAccess,访问也被拒绝
[英]S3: Access Denied even with AmazonS3FullAccess attached
问题描述
When invoking this lambda function:
调用此 lambda function 时:
var params = {
Bucket: sourceBucket,
Key: sourceKey,
ACL: 'public-read-write'
};
s3.putObjectAcl(params, function(err, data){
if (err){
callback(err)
}
})
I tried 2 execution roles for this lambda function, but still encountered the above error:我为这个lambda function尝试了2个执行角色,但还是遇到了上面的错误:
- IAM Role with AmazonS3FullAccess policy attached.附加了 AmazonS3FullAccess 策略的 IAM 角色。
- IAM Role with the following policies:具有以下策略的 IAM 角色:
- AWSLambdaExecute policy AWSLambda 执行策略
- This Inline policy:此内联政策:
- AWSLambdaExecute policy
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"s3:PutObjectVersionAcl",
"s3:PutObjectAcl"
],
"Resource": "arn:aws:s3:::my-bucket-name/*"
}
]
}
May I know what am I doing wrong or have missed?我可以知道我做错了什么或错过了什么吗? Thank you!谢谢!
1 个解决方案
解决方案1
0 已采纳 2021-06-05 05:38:21
This question was answered by jarmod in the comments: jarmod 在评论中回答了这个问题:
Disable the "Block Public Access" Setting in your bucket.禁用存储桶中的“阻止公共访问”设置。
Why?为什么?
"If an object is written to an AWS Account or S3 bucket with S3 Block Public Access enabled, and that object specifies any type of public permissions via ACL or policy, those public permissions are blocked. " “如果 object 被写入启用了 S3 块公共访问的 AWS 账户或 S3 存储桶,并且 object 通过 ACL 或策略指定任何类型的公共权限,则这些公共权限将被阻止。”
Source: aws.amazon.com/s3/features/block-public-access来源:aws.amazon.com/s3/features/block-public-access
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.