Amazon Web Services S3訪問被拒絕
[英]Amazon web services S3 access denied
問題描述
我從應用程序訪問AWS S3服務器存儲區時遇到問題。 我在存儲桶日志文件中收到請求,但訪問被拒絕。 我有內聯策略和受管策略,允許對服務器的完全訪問權限,並且已將服務器權限設置為允許所有人,但是仍然顯示訪問被拒絕。 正確池的標識也已創建。 在應用程序結束時,我收到一條消息,提示未找到存儲桶。 服務器區域是倫敦。
我已經閱讀了很多有關此問題的其他問題,但沒有一個問題解決了我的問題。
謝謝
內聯未經身份驗證的IAM策略
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmt1488834891000",
"Effect": "Allow",
"Action": [
"s3:*"
],
"Resource": [
"arn:aws:s3:::ascentserver/*"
]
}
]
}
由於某種原因,這在策略模擬器上不起作用,我嘗試添加存儲桶和服務的資源,但沒有幫助。
托管策略是默認的S3完全訪問權限,並且可以正常運行。
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "s3:*",
"Resource": "*"
}
]
}
尋址服務器的代碼段:
public void setFileToUpload(){
TransferObserver transferObserver = transferUtility.upload(
"http://ascentserver.s3.eu-west-2.amazonaws.com", /* The bucket to upload to */
"TEST.png", /* The key for the uploaded object */
fileToUpload /* The file where the data to upload exists */
);
transferObserverListener(transferObserver);
}
2 個解決方案
解決方案1
0 2017-03-09 22:40:16
因此,我們一直在使用以下代碼: 請注意,這些只是代碼片段,而不是整個代碼
[主要]
import com.amazonaws.auth.CognitoCachingCredentialsProvider;
import com.amazonaws.mobileconnectors.s3.transferutility.TransferListener;
import com.amazonaws.mobileconnectors.s3.transferutility.TransferObserver;
import com.amazonaws.mobileconnectors.s3.transferutility.TransferState;
import com.amazonaws.mobileconnectors.s3.transferutility.TransferUtility;
import com.amazonaws.regions.Region;
import com.amazonaws.regions.Regions;
import com.amazonaws.services.s3.AmazonS3;
import com.amazonaws.services.s3.AmazonS3Client;
import java.io.File;
public class MainActivity extends AppCompatActivity
implements NavigationView.OnNavigationItemSelectedListener {
File fileToUpload = new File("/storage/emulated/0/Pictures/Screenshots/TEST.png");
File fileToDownload = new File("/storage/emulated/0/Download/TEST");
AmazonS3 s3;
TransferUtility transferUtility;
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_main);
Toolbar toolbar = (Toolbar) findViewById(R.id.toolbar);
setSupportActionBar(toolbar);
// callback method to call credentialsProvider method
credentialsProvider();
// callback method to call the setTransferUtility method
setTransferUtility();
}
public void credentialsProvider(){
// Initialize the Amazon Cognito credentials provider
CognitoCachingCredentialsProvider credentialsProvider = new CognitoCachingCredentialsProvider(
getApplicationContext(),
"eu-west-1:0e33dea3-6075-4ea5-a268-b0c1364f5107", // Identity Pool ID
Regions.EU_WEST_1 // Region
);
setAmazonS3Client(credentialsProvider);
}
public void setAmazonS3Client(CognitoCachingCredentialsProvider credentialsProvider){
// Create an S3 client
s3 = new AmazonS3Client(credentialsProvider);
// Set the region of your S3 bucket
s3.setRegion(Region.getRegion(Regions.EU_WEST_1));
}
public void setTransferUtility(){
transferUtility = new TransferUtility(s3, getApplicationContext());
}
public void setFileToUpload(){
TransferObserver transferObserver = transferUtility.upload(
"http://ascentserver.s3.eu-west-2.amazonaws.com", /* The bucket to upload to */
"TEST.png", /* The key for the uploaded object */
fileToUpload /* The file where the data to upload exists */
);
transferObserverListener(transferObserver);
}
public void setFileToDownload(){
TransferObserver transferObserver = transferUtility.download(
"http://ascentserver.s3.eu-west-2.amazonaws.com", /* The bucket to download from */
"TEST.png", /* The key for the object to download */
fileToDownload /* The file to download the object to */
);
transferObserverListener(transferObserver);
}
public void transferObserverListener(TransferObserver transferObserver){
// listener that provides status of download
transferObserver.setTransferListener(new TransferListener(){
@Override
public void onStateChanged(int id, TransferState state) {
Log.e("statechange", state+"");
}
@Override
public void onProgressChanged(int id, long bytesCurrent, long bytesTotal) {
int percentage = (int) (bytesCurrent/bytesTotal * 100);
Log.e("percentage",percentage +"");
}
@Override
public void onError(int id, Exception ex) {
Log.e("error","error");
}
});
}
}
[依賴性]
compile 'com.amazonaws:aws-android-sdk-core:2.2.13'
compile 'com.amazonaws:aws-android-sdk-cognito:2.2.13'
compile 'com.amazonaws:aws-android-sdk-s3:2.2.13'
compile 'com.amazonaws:aws-android-sdk-ddb:2.2.13'
[表現]
<uses-permission android:name="android.permission.INTERNET"/>
<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
<uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE" />
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE"/>
<service
android:name="com.amazonaws.mobileconnectors.s3.transferutility.TransferService"
android:enabled="true" />
解決方案2
0 已采納 2017-03-10 20:39:57
對於transferUtility.upload()方法,您需要提供存儲桶名稱作為ascentserver而不是http://ascentserver.s3.eu-west-2.amazonaws.com ,並確保AmazonS3Client使用正確的區域,而不是默認的區域將端點明確設置為s3.setEndpoint("s3.eu-west-2.amazonaws.com") 。
例如:
CognitoCachingCredentialsProvider credProvider = new CognitoCachingCredentialsProvider(
getApplicationContext(),
"YOUR_COGNITO_POOL_ID",
Regions.EU_WEST_2
);
AmazonS3 s3 = new AmazonS3Client(credProvider);
s3.setEndpoint("s3.eu-west-2.amazonaws.com");
TransferUtility transferUtility = new TransferUtility(s3, getApplicationContext());
TransferObserver transferObserver = transferUtility.upload(
"ascentserver",
"TEST.png",
fileToUpload
);
.
.
.
是否在Amazon Web Services S3中確保存儲桶和資源訪問?
[英]Securing bucket- and resource access in Amazon Web Services S3?
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.