堆栈内存溢出
  简体   繁体   English

AWS DMS 服务:为 S3 创建目标端点抛出错误角色未正确配置。拒绝访问

[英]AWS DMS service: creating target endpoint for S3 is throwing error Role is not configured properly.AccessDenied

 原文  2021-12-17 18:22:41       amazon-web-services/ amazon-s3/ aws-dms

问题描述

I am creating configuring a AWS DMS to migrate my RDS database to the S3 bucket.我正在创建配置 AWS DMS 以将我的 RDS 数据库迁移到 S3 存储桶。 I created the instance and the source endpoint.我创建了实例和源端点。 There was no issue creating them.创建它们没有问题。 Now, I am creating a target endpoint choosing the S3 as the source.现在,我正在创建一个选择 S3 作为源的目标端点。 Before I create the target, I created a new policy with the following content.在创建目标之前,我创建了一个包含以下内容的新策略。

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:PutObject",
                "s3:DeleteObject",
                "s3:PutObjectTagging"
            ],
            "Resource": [
                "arn:aws:s3:::buckettest2/*"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "s3:ListBucket"
            ],
            "Resource": [
                "arn:aws:s3:::buckettest2"
            ]
        }
    ]
}

Then I created a new IAM role called SharKyaMalS3FullAccess and I attached the policy I created to that role.然后我创建了一个名为 SharKyaMalS3FullAccess 的新 IAM 角色,并将我创建的策略附加到该角色。 When I create the target endpoint using that role.当我使用该角色创建目标端点时。 I am getting the following error.我收到以下错误。

SYSTEM ERROR MESSAGE:The IAM Role arn:aws:iam::xxxxxxxxx:role/SharKyaMalS3FullAccess is not configured properly.AccessDenied

在此处输入图像描述

What is wrong with my configuration and how can I fix it?我的配置有什么问题,我该如何解决?

1 个解决方案

解决方案1
 0  2022-03-07 15:25:16

Your policy looks correct, so make sure when you create the IAM role you pick DMS as the AWS service.您的策略看起来是正确的,因此请确保在创建 IAM 角色时选择 DMS 作为 AWS 服务。 This will add the DMS service as a trusted entity.这会将 DMS 服务添加为可信实体。

在此处输入图像描述

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 AWS DMS CDC 到 S3 目标 - AWS DMS CDC to S3 target AWS Glue:拒绝访问(服务:Amazon S3;状态代码:403;错误代码:AccessDenied; - AWS Glue: Access Denied (Service: Amazon S3; Status Code: 403; Error Code: AccessDenied; 使用 Flysystem 的 AWS S3 在创建目录时“无法在位置写入文件...拒绝访问” - AWS S3 with Flysystem "Unable to write file at location... AccessDenied" when creating directory AWS S3 生成签名的 Urls ''AccessDenied'' - AWS S3 Generating Signed Urls ''AccessDenied'' AWS DMS-Oracle 到 S3 - AWS DMS-Oracle to S3 通过 DMS AWS 服务将数据从 RDS Postgres DB 迁移到 s3 - Migrating data from RDS Postgres DB to s3 via the DMS AWS service 使用 Oracle 数据库作为源的 AWS DMS 终端节点出错 - Error in AWS DMS Endpoint using Oracle database as a source AWS S3 Boto3 Python - 调用 DeleteObject 操作时发生错误 (AccessDenied):拒绝访问 - AWS S3 Boto3 Python - An error occurred (AccessDenied) when calling the DeleteObject operation: Access Denied 跨账户 IAM 角色赋予服务:Amazon S3; 状态码:403; 错误代码:拒绝访问 - Cross-account IAM roles giving Service: Amazon S3; Status Code: 403; Error Code: AccessDenied 无法将 IAM 角色限制为 S3 中的特定密钥和子密钥(获取拒绝访问) - Unable to restric IAM Role to a specific key and subkeys in S3 (getting AccessDenied)
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM