![](/img/trans.png)
[英]AWS - You are not authorized to perform this operation on accessing describeInstanceStatus from ec2 client object
[英]aws-ec2 - you are not authorized to perform this operation
我最不熟悉aws等。我想要做的是使用s3-bash和PalletOps将一个小的war文件上传到s3 bucket。 为此,我将clojure配置文件配置为
(defpallet :default-service
:vmfest
:services {:localhost {:provider "localhost"}
:vmfest {:provider "vmfest"
:vbox-comm :ws
:default-network-type :local
:default-memory-size 1024
:default-local-interface "vboxnet5"}
:aws-ec2 {:provider "aws-ec2"
:identity "AAAAAAAAAAAAAAAAAAQ"
:credential "ATMz1/gerGGFHDh/GFGGFGFGFHFHFHGTUUTUgdgdgdg"}})
在aws上,我向该用户添加了IAM策略,
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "iam:*",
"Resource": "*"
}
]
}
虽然尝试将lein pallet up -P aws-ec2
上面配置的群集我得到以下错误,
Caused by: org.jclouds.aws.AWSResponseException: request POST
https://ec2.us-east-1.amazonaws.com/ HTTP/1.1 failed with code 403,
error: AWSError{requestId='c20a65f1-64a1-4d7f-be27-690d495ffd09',
requestToken='null', code='UnauthorizedOperation', message='You are not
authorized to perform this operation.', context='{Response=, Errors=}'}
at org.jclouds.aws.handlers.ParseAWSErrorFromXmlContent.handleError(ParseAWSErrorFromXmlContent.java:77)
... 77 more
Subprocess failed
我在https://policysim.aws.amazon.com/home/index.jsp?#上尝试了模拟,但是即使对于错误的动作“ListBucket”也Implicitly denied (no matching statements found).
错误地Implicitly denied (no matching statements found).
。
我可能会错过配置aws ec2但无法进一步移动。
我想您可能需要在IAM政策中输入s3*
条目:
以下是仅允许上传到特定文件夹的策略示例:
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"s3:*"
],
"Sid": "Stmt13NNNNNNNN000",
"Resource": [
"arn:aws:s3:::bucket-name/specific-folder/*"
],
"Effect": "Allow"
},
{
"Action": [
"s3:*"
],
"Sid": "StmtNNNNNNNNNNN",
"Resource": [
"arn:aws:s3:::bucket-name"
],
"Effect": "Allow"
}
]
}
在“高级用户”预建策略(如果可以)中排除这些权限问题也值得测试。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.