我正在使用Amazon S3上传/下载视频。我可以上传任何视频,但我无法在视频中列出我的视频,因为我收到了这些错误:
03-30 11:51:06.911 28577-28734/com.video.apps3 I/CCC: Caught an AmazonServiceException, which means your request made it to Amazon S3, but was rejected with an error response for some reason.
03-30 11:51:06.911 28577-28734/com.video.apps3 I/CCC: Error Message: Access Denied (Service: Amazon S3; Status Code: 403; Error Code: AccessDenied; Request ID: 4AEF68CB2979FBB9)
03-30 11:51:06.911 28577-28734/com.video.apps3 I/CCC: HTTP Status Code: 403
03-30 11:51:06.911 28577-28734/com.video.apps3 I/CCC: AWS Error Code: AccessDenied
03-30 11:51:06.911 28577-28734/com.video.apps3 I/CCC: Error Type: Client
03-30 11:51:06.911 28577-28734/com.video.apps3 I/CCC: Request ID: 4AEF68CB2979FBB9
我有一个像这样简单的结构:
All Buckets/ myvideos/
video1.mp4
video2.mp4
Other.mp4
我的政策是:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:*"
],
"Resource": [
"arn:aws:s3:::myvideos/*"
]
}
]
}
所以我可以上传视频,但我无法在里面列出这些元素。
这是我用来列出对象的一段代码。
try {
ListObjectsRequest listObjectsRequest = new ListObjectsRequest()
.withBucketName(MY_BUCKET)
.withPrefix("")
.withDelimiter("/");
ObjectListing objectListing;
do {
objectListing = s3Client.listObjects(listObjectsRequest);
for (S3ObjectSummary objectSummary :
objectListing.getObjectSummaries()) {
Log.i("CCC", " - " + objectSummary.getKey() + " " +
"(size = " + objectSummary.getSize() +
")");
}
listObjectsRequest.setMarker(objectListing.getNextMarker());
} while (objectListing.isTruncated());
} catch (AmazonServiceException ase) {
Log.i("CCC", "Caught an AmazonServiceException, " +
"which means your request made it " +
"to Amazon S3, but was rejected with an error response " +
"for some reason.");
Log.i("CCC", "Error Message: " + ase.getMessage());
Log.i("CCC", "HTTP Status Code: " + ase.getStatusCode());
Log.i("CCC", "AWS Error Code: " + ase.getErrorCode());
Log.i("CCC", "Error Type: " + ase.getErrorType());
Log.i("CCC", "Request ID: " + ase.getRequestId());
} catch (AmazonClientException ace) {
Log.i("CCC", "Caught an AmazonClientException, " +
"which means the client encountered " +
"an internal error while trying to communicate" +
" with S3, " +
"such as not being able to access the network.");
Log.i("CCC", "Error Message: " + ace.getMessage());
}
我不知道还需要做什么?如何通过相同的访问权限S3允许我上传但拒绝列表?
我正在使用它:
CognitoCachingCredentialsProvider credentialsProvider =
new CognitoCachingCredentialsProvider(
context,
IDENTITY_POOL_ID,
MY_REGION
);
AmazonS3 s3Client = new AmazonS3Client(credentialsProvider);
s3Client.setRegion(Region.getRegion(MY_REGION));
所以我尝试了这个:
AWSCredentials credentials = new BasicAWSCredentials(accessKey, secretKey);
AmazonS3 s3Client = new AmazonS3Client(credentials);
好吧,它有效。但我想允许视频访问没有登录用户。我不想使用我的 accessKey 和 secretKey 。
答案 0 :(得分:2)
您需要为ListBucket操作授予对存储桶的访问权限。在您的策略中,您将授予对存储桶myvideos内的文件的访问权限,但不允许访问存储桶本身。试试这个政策:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:*"
],
"Resource": [
"arn:aws:s3:::myvideos",
"arn:aws:s3:::myvideos/*"
]
}
]
}
答案 1 :(得分:1)
要列出存储桶的内容,请将其添加到策略
{
"Effect": "Allow",
"Action": [
"s3:ListBucket"
],
"Resource": [
"arn:aws:s3:::myvideos/*"
]
}