首页 文章

S3TransferManager-Sample | IAM getList策略问题

提问于
浏览
1

我在getList调用中遇到此错误:

S3TransferManagerSample [1717:48308] listObjects failed:[Error Domain = com.amazonaws.AWSS3ErrorDomain Code = 1“操作无法完成 . (com.amazonaws.AWSS3ErrorDomain error 1 . )”UserInfo = 0x7fb71412d300 {HostId = qhjcOyYAPQjHhJIX5REMTN5A48ecxIkHCqt6fFwkQPBff tKWnML9A4yQobq2C38,消息=拒绝访问,代码= AccessDenied,RequestId = B6920900AB17C864}]

我创建了2个角色,一个是auth,另一个是un-auth . 以下是两个角色的内联策略:

RoleARN:Cognito_(projectName)Auth_Role oneClick_Cognito_(projectName)Auth_Role_1424434616386:{“Version”:“2012-10-17”,“Statement”:[{“Effect”:“Allow”,“Action”:[“mobileanalytics:PutEvents” ,“cognito-sync:”],“资源”:[“”]}]}

policygen-Cognito_(projectName)Auth_Role-201502201739:{“Version”:“2012-10-17”,“Statement”:[{“Sid”:“Stmt1424435859000”,“Effect”:“Allow”,“Action”:[ “s3:GetObject”,“s3:ListBucket”,“s3:PutObject”],“资源”:[“arn:aws:s3 :: :(存储桶名称)/ *”]}]}

RoleARN:Cognito_(projectName)Unauth_Role oneClick_Cognito_(projectName)Unauth_Role_1424434555837:{“Version”:“2012-10-17”,“Statement”:[{“Effect”:“Allow”,“Action”:[“mobileanalytics:PutEvents” ,“cognito-sync:”],“资源”:[“”]}]}

policygen-Cognito_(projectName)Unauth_Role-201502201743:{“Version”:“2012-10-17”,“Statement”:[{“Sid”:“Stmt1424436103000”,“Effect”:“Allow”,“Action”:[ “s3:GetObject”,“s3:ListBucket”,“s3:PutObject”],“资源”:[“arn:aws:s3 :: :(存储桶名称)/ *”]}]}

有人可以指导我一下吗?

1 回答

  • 2

    需要为存储桶授予 ListBucket 权限,而不是存储桶中的密钥 . 您应该查看this blog以获取更多详细信息 .

相关问题