![](/img/trans.png)
[英]AWS - You are not authorized to perform this operation on accessing describeInstanceStatus from ec2 client object
[英]aws-ec2 - you are not authorized to perform this operation
我最不熟悉aws等。我想要做的是使用s3-bash和PalletOps將一個小的war文件上傳到s3 bucket。 為此,我將clojure配置文件配置為
(defpallet :default-service
:vmfest
:services {:localhost {:provider "localhost"}
:vmfest {:provider "vmfest"
:vbox-comm :ws
:default-network-type :local
:default-memory-size 1024
:default-local-interface "vboxnet5"}
:aws-ec2 {:provider "aws-ec2"
:identity "AAAAAAAAAAAAAAAAAAQ"
:credential "ATMz1/gerGGFHDh/GFGGFGFGFHFHFHGTUUTUgdgdgdg"}})
在aws上,我向該用戶添加了IAM策略,
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "iam:*",
"Resource": "*"
}
]
}
雖然嘗試將lein pallet up -P aws-ec2
上面配置的群集我得到以下錯誤,
Caused by: org.jclouds.aws.AWSResponseException: request POST
https://ec2.us-east-1.amazonaws.com/ HTTP/1.1 failed with code 403,
error: AWSError{requestId='c20a65f1-64a1-4d7f-be27-690d495ffd09',
requestToken='null', code='UnauthorizedOperation', message='You are not
authorized to perform this operation.', context='{Response=, Errors=}'}
at org.jclouds.aws.handlers.ParseAWSErrorFromXmlContent.handleError(ParseAWSErrorFromXmlContent.java:77)
... 77 more
Subprocess failed
我在https://policysim.aws.amazon.com/home/index.jsp?#上嘗試了模擬,但是即使對於錯誤的動作“ListBucket”也Implicitly denied (no matching statements found).
錯誤地Implicitly denied (no matching statements found).
。
我可能會錯過配置aws ec2但無法進一步移動。
我想您可能需要在IAM政策中輸入s3*
條目:
以下是僅允許上傳到特定文件夾的策略示例:
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"s3:*"
],
"Sid": "Stmt13NNNNNNNN000",
"Resource": [
"arn:aws:s3:::bucket-name/specific-folder/*"
],
"Effect": "Allow"
},
{
"Action": [
"s3:*"
],
"Sid": "StmtNNNNNNNNNNN",
"Resource": [
"arn:aws:s3:::bucket-name"
],
"Effect": "Allow"
}
]
}
在“高級用戶”預建策略(如果可以)中排除這些權限問題也值得測試。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.