[英]give public read and view access to s3 bucket objects using cloudformation template
我正在編寫一個 AWS cloudformation 模板來接收來自 Kinesis Firehose 的 s3 存儲桶中的文件。 我已經授予對存儲桶的公共讀取訪問權限(存儲桶是公共的)但是當我使用 object URL 訪問存儲桶內的文件時,我收到“XML 文件似乎沒有任何與之關聯的樣式”錯誤,它說訪問被拒絕. 但是 object(JSON 文件)是可下載的。
我已授予對 s3 存儲桶的完全訪問權限
Resources:
# Create s3 bucket
MyS3Bucket:
Type: AWS::S3::Bucket
Properties:
BucketName: health-app-buckett
AccessControl: PublicRead
# Create Role
S3BucketRole:
Type: 'AWS::IAM::Role'
Properties:
AssumeRolePolicyDocument:
Statement:
- Effect: Allow
Principal:
Service:
- s3.amazonaws.com
Action:
- 'sts:AssumeRole'
#Create policy for bucket
S3BucketPolicies:
Type: 'AWS::IAM::Policy'
Properties:
PolicyName: S3BucketPolicy
PolicyDocument:
Statement:
- Sid: PublicReadForGetBucketObjects
Effect: Allow
Action: 's3:GetObject'
Resource: !Join
- ''
- - 'arn:aws:s3:::'
- !Ref MyS3Bucket
- /*
Roles:
- !Ref S3BucketRole
我希望能夠使用 Object URL 查看文件
您需要將 PublicAccessBlockConfiguration 添加到您的模板
MyS3Bucket:
Type: AWS::S3::Bucket
Properties:
BucketName: health-app-buckett
AccessControl: PublicRead
PublicAccessBlockConfiguration:
BlockPublicAcls : false
BlockPublicPolicy : false
IgnorePublicAcls : false
RestrictPublicBuckets : false
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.