[英]give public read and view access to s3 bucket objects using cloudformation template
我正在编写一个 AWS cloudformation 模板来接收来自 Kinesis Firehose 的 s3 存储桶中的文件。 我已经授予对存储桶的公共读取访问权限(存储桶是公共的)但是当我使用 object URL 访问存储桶内的文件时,我收到“XML 文件似乎没有任何与之关联的样式”错误,它说访问被拒绝. 但是 object(JSON 文件)是可下载的。
我已授予对 s3 存储桶的完全访问权限
Resources:
# Create s3 bucket
MyS3Bucket:
Type: AWS::S3::Bucket
Properties:
BucketName: health-app-buckett
AccessControl: PublicRead
# Create Role
S3BucketRole:
Type: 'AWS::IAM::Role'
Properties:
AssumeRolePolicyDocument:
Statement:
- Effect: Allow
Principal:
Service:
- s3.amazonaws.com
Action:
- 'sts:AssumeRole'
#Create policy for bucket
S3BucketPolicies:
Type: 'AWS::IAM::Policy'
Properties:
PolicyName: S3BucketPolicy
PolicyDocument:
Statement:
- Sid: PublicReadForGetBucketObjects
Effect: Allow
Action: 's3:GetObject'
Resource: !Join
- ''
- - 'arn:aws:s3:::'
- !Ref MyS3Bucket
- /*
Roles:
- !Ref S3BucketRole
我希望能够使用 Object URL 查看文件
您需要将 PublicAccessBlockConfiguration 添加到您的模板
MyS3Bucket:
Type: AWS::S3::Bucket
Properties:
BucketName: health-app-buckett
AccessControl: PublicRead
PublicAccessBlockConfiguration:
BlockPublicAcls : false
BlockPublicPolicy : false
IgnorePublicAcls : false
RestrictPublicBuckets : false
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.