如何为我的AWS S3存储桶提供经过身份验证的访问?

时间:2020-10-12 19:54:31

标签: amazon-web-services react-native amazon-s3 amazon-cognito aws-amplify

我用expo init的{​​{1}}启动了一个裸露的Expo应用程序。然后,我创建了一个AWS账户,并在终端中运行:

  • MyVideoApp
  • npm install -g @aws-amplify/cli

这使我登录到控制台,按照默认步骤操作,并在amplify configureregion:eu-west-2中创建了一个帐户,并粘贴到username:amplify-useraccessKeyId,{{ 1}}。

  • secretAccessKeyprofile name:amplify-user-profile 
cd ~/Documents/MyVideoApp/
  • amplify init

这时,我在项目目录中有一个? Enter a name for the project MyVideoApp ? Enter a name for the environment dev ? Choose your default editor: IntelliJ IDEA ? Choose the type of app that you're building javascript Please tell us about your project ? What javascript framework are you using react-native ? Source Directory Path: / ? Distribution Directory Path: / ? Build Command: npm run-script build ? Start Command: npm run-script start Using default provider awscloudformation ? Do you want to use an AWS profile? Yes ? Please choose the profile you want to use amplify-user-profile Adding backend environment dev to AWS Amplify Console app: d37chh30hholq6 文件夹,还有一个名为amplify push的S3存储桶。我将图像上传到了存储桶amplify中。并尝试通过单击按钮从应用程序下载它。

amplify-myvideoapp-dev-50540-deployment

输出:

icon_1.png

因此,我设置了(但可能不正确?)用户池(import React from 'react'; import { StyleSheet, Text, View, SafeAreaView, Button } from 'react-native'; import Amplify, { Storage } from 'aws-amplify'; import awsmobile from "./aws-exports"; Amplify.configure(awsmobile); async function getImage() { try { let data = await Storage.get('icon_1.jpg') } catch (err) { console.log(err) } } export default function App() { return ( <SafeAreaView style={styles.container}> <Text>Hello, World!</Text> <Button title={"Click to Download!"} onPress={getImage}/> </SafeAreaView> ); } const styles = StyleSheet.create({ container: { flex: 1, justifyContent: 'center', alignItems: 'center', }, }); )和身份池(No credentials [WARN] 18:54.93 AWSS3Provider - ensure credentials error, No Cognito Identity pool provided for unauthenticated access ... )。这没有帮助。此外,当我进入存储桶并单击“权限”->“存储桶策略”时,它只是空的……如果只有所有者尝试访问存储桶及其内容,则不确定是否可以。

我不知道出什么问题了,还有什么可以尝试的。我本质上只是想验证我的后端,以便my_first_pool编写此代码的任何人都可以运行它并访问存储桶。

编辑myvidapp 

git clone

1 个答案:

答案 0 :(得分:1)

由于您已经表示可以接受S3存储桶中的所有文件的公开访问,所以我建议以下几点:

  1. 从AWS控制台(console.aws.amazon.com)中选择存储桶

  2. 在“权限”下,选择“阻止公共访问”,然后通过取消-选中“阻止所有公共访问”下的所有选项,包括“阻止所有公共访问”,编辑设置,然后保存并确认。

  3. 转到存储桶策略,然后粘贴以下内容(注意:首先将“ YOUR_BUCKET_NAME_HERE”替换为“ amplify-myvideoapp-dev-50540-deployment”)

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "PublicRead",
            "Effect": "Allow",
            "Principal": "*",
            "Action": [
                "s3:GetObject",
                "s3:GetObjectVersion"
            ],
            "Resource": [
                "arn:aws:s3:::[YOUR_BUCKET_NAME_HERE]/*"
            ]
        }
    ]
}
相关问题
最新问题