我的用户使用以下政策,并且我使用的是DragonDisk客户端程序。此用户可以在bucket1 / folder1 /下执行所有操作,但访问文件的属性(访问被拒绝)除外。我无法弄清楚原因。任何的想法?感谢。
{
"Version": "2012-10-17",
"Statement": [
{
"Action": ["s3:ListAllMyBuckets", "s3:GetBucketLocation"],
"Effect": "Allow",
"Resource": ["arn:aws:s3:::*"]
},
{
"Action": ["s3:ListBucket"],
"Effect": "Allow",
"Resource": ["arn:aws:s3:::bucket1"],
"Condition":{"StringEquals":{"s3:prefix":[""],"s3:delimiter":["/"]}}
},
{
"Action": ["s3:ListBucket"],
"Effect": "Allow",
"Resource": ["arn:aws:s3:::bucket1"],
"Condition":{"StringLike":{"s3:prefix":["folder1/*"]}}
},
{
"Action":["s3:*"],
"Effect":"Allow",
"Resource": ["arn:aws:s3:::bucket1/folder1/*"]
}
]
}