I try to deploy S3 bucket by CDK in TypeScript. When the code is executed, an error occurs even if I have a privilige of administrator. Anyone knows the reason?
export class S3Stack extends cdk.Stack {
constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) {
super(scope, id, props);
const s3Example = new s3.Bucket(this, 'bucket', {
versioned: false,
bucketName: 'bucket',
publicReadAccess: false,
blockPublicAccess: s3.BlockPublicAccess.BLOCK_ALL,
removalPolicy: cdk.RemovalPolicy.DESTROY
});
const s3ExamplePolicyDocument = {
"Version": "2012-10-17",
"Statement": [
{
"Sid": "FirstStatement",
"Effect": "Allow",
"Action": [
"s3:List*",
"s3:Get*"
],
"Resource": [
"arn:aws:s3:::bucket",
"arn:aws:s3:::bucket/*"
],
"Principal": "*",
}
]
};
const s3ExamplePolicy = iam.PolicyDocument.fromJson(s3ExamplePolicyDocument);
new s3.CfnBucketPolicy(this, 'bucketpolicy', {
bucket: s3Example.bucketName,
policyDocument: s3ExamplePolicy
});
}
}
Error message
API: s3:PutBucketPolicy Access Denied
I found the solution. This is caused because I try to apply public permission to non-public bucket. After I modified s3ExamplePolicyDocument, it works
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.