aws s3api put-bucket-website - PutBucketWebsite operation: Access Denied

I am trying to set up static website hosting using this command:

aws s3api put-bucket-website --bucket XXXX --website-configuration file://assets/website.json

website.json

{
    "IndexDocument": {
        "Suffix": "index.html"
    },
    "ErrorDocument": {
        "Key": "index.html"
    }
}

Bucket policy

{
    "Version": "2008-10-17",
    "Statement": [
        {
            "Sid": "AllowPublicRead",
            "Effect": "Allow",
            "Principal": {
                "AWS": "*"
            },
            "Action": [
                "s3:GetObject"
            ],
            "Resource": "arn:aws:s3:::XXXX/*"
        }
    ]
}

I get the error:

An error occurred (AccessDenied) when calling the PutBucketWebsite operation: Access Denied

What should I change in the bucket policy?

This PUT operation requires the S3:PutBucketWebsite permission:

Add the bucket policy:

    aws s3api put-bucket-policy \
        --bucket XXXX \
        --policy file://s3-bucket-policy.json

s3-bucket-policy.json:

{
    "Version": "2008-10-17",
    "Statement": [
         {
            "Effect": "Allow",
            "Principal": "*",
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::XXXX/*"
         },
         {
            "Effect": "Allow",
            "Principal": {
               "AWS": "*"
            },
            "Action": [
               "S3:PutBucketWebsite"
            ],
            "Resource": "arn:aws:s3:::XXXX"
         }
    ]
}

Set up static website hosting:

aws s3api put-bucket-website \
    --bucket XXXX \
    --website-configuration file://website.json

website.json

{
    "IndexDocument": {
        "Suffix": "index.html"
    },
    "ErrorDocument": {
        "Key": "index.html"
    }
}

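Your bucket policy only allows you to perform GET operations, but you want to perform a PUT operation.

As you mentioned, your IAM seems to have Admin and full S3 access, but you do not have bucket-level access to that particular bucket.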

{
    "Version": "2008-10-17",
    "Statement": [
        {
            "Sid": "AllowPublicRead",
            "Effect": "Allow",
            "Principal": {
                "AWS": "*"
            },
            "Action": [
                "s3:GetObject",
                "s3:PutObject"
            ],
            "Resource": "arn:aws:s3:::XXXX/*"
        },
        {
            "Sid": "AllowPutBucket",
            "Effect": "Allow",
            "Action": [
                "s3:*"
            ],
            "Resource": [
                "arn:aws:s3:::bucketname",
                "arn:aws:s3:::bucketname/*"
            ]
        }
    ]
}
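
Added example, not part of the question or either answer: a small Python check that flags bucket-policy statements granting anything other than s3:GetObject to an anonymous principal ("*"), or lacking the Principal element a bucket policy requires. The sample policy is constructed from the statements quoted on this page; the allow-list and the Sid `WebsiteConfig` are assumptions.

```python
import json

# Actions assumed acceptable to grant anonymously for a public static site.
PUBLIC_READ_OK = {"s3:getobject"}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _is_anonymous(principal):
    # "*" and {"AWS": "*"} both mean "anyone" in a bucket policy.
    if principal == "*":
        return True
    if isinstance(principal, dict):
        return any("*" in _as_list(v) for v in principal.values())
    return False

def audit_bucket_policy(policy_text):
    """Return (sid_or_index, problem) pairs for risky or invalid statements."""
    findings = []
    for i, stmt in enumerate(_as_list(json.loads(policy_text)["Statement"])):
        label = stmt.get("Sid", f"statement[{i}]")
        if stmt.get("Effect") != "Allow":
            continue
        if "Principal" not in stmt and "NotPrincipal" not in stmt:
            findings.append((label, "missing Principal"))
            continue
        if not _is_anonymous(stmt.get("Principal")) or "Condition" in stmt:
            continue  # conditioned grants need manual review (simplification)
        for action in _as_list(stmt.get("Action", [])):
            if action.lower() not in PUBLIC_READ_OK:
                findings.append((label, f"anonymous {action}"))
    return findings

# Constructed sample modelled on the policies quoted above (XXXX is a placeholder).
SAMPLE = """{
  "Version": "2008-10-17",
  "Statement": [
    {"Sid": "AllowPublicRead", "Effect": "Allow", "Principal": {"AWS": "*"},
     "Action": ["s3:GetObject", "s3:PutObject"], "Resource": "arn:aws:s3:::XXXX/*"},
    {"Sid": "WebsiteConfig", "Effect": "Allow", "Principal": "*",
     "Action": "S3:PutBucketWebsite", "Resource": "arn:aws:s3:::XXXX"},
    {"Sid": "AllowPutBucket", "Effect": "Allow",
     "Action": ["s3:*"], "Resource": ["arn:aws:s3:::XXXX", "arn:aws:s3:::XXXX/*"]}
  ]
}"""

if __name__ == "__main__":
    for sid, problem in audit_bucket_policy(SAMPLE):
        print(f"{sid}: {problem}")
```

An empty result means every anonymous grant is limited to s3:GetObject, which is all a public static site needs from the bucket policy.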
