s3策略具有无效操作 - s3：ListAllMyBuckets-Java 学习之路

我在我的水桶上尝试这些policy到console.aws.amazon.com：

{
      "Statement": [
        {
          "Effect": "Allow",
          "Action": [
            "s3:ListBucket",
            "s3:GetBucketLocation",
            "s3:ListBucketMultipartUploads"
          ],
          "Resource": "arn:aws:s3:::itnighq",
          "Condition": {}
        },
        {
          "Effect": "Allow",
          "Action": [
            "s3:AbortMultipartUpload",
            "s3:DeleteObject",
            "s3:DeleteObjectVersion",
            "s3:GetObject",
            "s3:GetObjectAcl",
            "s3:GetObjectVersion",
            "s3:GetObjectVersionAcl",
            "s3:PutObject",
            "s3:PutObjectAcl",
            "s3:PutObjectAclVersion"
          ],
          "Resource": "arn:aws:s3:::itnighq/*",
          "Condition": {}
        },
        {
          "Effect": "Allow",
          "Action": "s3:ListAllMyBuckets",
          "Resource": "*",
          "Condition": {}
        }
      ]
    }

但我收到此错误消息： Policy has invalid action - s3:ListAllMyBuckets 它似乎不喜欢 "Resource": "*" ，我've also tried to use **arn:aws:s3:::****, but it doesn'也工作 .

有人有任何线索吗？

3 回答

正如zdev所提到的，你需要为IAM做这件事 . 转到IAM console并导航到用户>权限>内联策略>创建>自定义，然后输入：

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:ListAllMyBuckets"
            ],
            "Resource": [
                "arn:aws:s3:::*"
            ]
        }
    ]
}

回复于 2024-05-03T12:49:46+08:00

13

我想通了自己 . 它需要在IAM中完成，而不是在S3本身...

回复于 2024-05-03T12:49:46+08:00
8

@dnlbrky您需要通过为IAM用户/组/角色设置策略并通过使用适用于IAM用户/组的AWS控制台或通过调用put_ [role / user / group] _policy boto API调用来设置它 .

回复于 2024-05-03T12:49:46+08:00

s3策略具有无效操作 - s3：ListAllMyBuckets

3 回答

相关问题