对Amazon上的S3文件夹的只读访问权限

时间:2012-11-08 01:51:34

标签: amazon-s3 amazon-web-services user-permissions

我正在尝试设置对Amazon上特定文件夹的只读访问权限。我里面有一个“公司”桶和文件夹“软件”。由于某种原因,以下代码对我不起作用(我使用CloudBerry进行验证):

{
    "Statement": [
    {
        "Effect": "Allow",
        "Action": [
            "s3:Get*",
            "s3:List*"
        ],
        "Resource": "arn:aws:s3:::corporate/software/*"
    }
    ]
}

但如果我使用:

"Resource": "*"

我能看到所有的水桶...... 我错过了什么吗?

1 个答案:

答案 0 :(得分:2)

以下代码对我有用:

{
    "Statement": [
{
    "Effect": "Allow",
    "Action": [
        "s3:ListBucket",
        "s3:GetBucketLocation",
        "s3:ListBucketMultipartUploads"
    ],
    "Resource": "arn:aws:s3:::corporate",
    "Condition": {}
    },
    {
    "Effect": "Allow",
    "Action": [
        "s3:GetObject",
        "s3:GetObjectAcl",
        "s3:GetObjectVersion",
        "s3:GetObjectVersionAcl"
    ],
    "Resource": "arn:aws:s3:::corporate/software/*",
    "Condition": {}
    },
    {
        "Effect": "Allow",
        "Action": "s3:ListAllMyBuckets",
        "Resource": "*",
        "Condition": {}
    }
]
}
相关问题
最新问题