CreateMultipartUpload操作 - 需要AWS策略项吗?

时间:2016-06-04 13:12:14

标签: amazon-web-services amazon-s3

我正在通过aws cli控制台进行分段上传,但是收到此错误; 

A client error (AccessDenied) occurred when calling the CreateMultipartUpload operation: Access Denied

以下是我的政策,我在那里遗漏了什么?

感谢。

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:ListAllMyBuckets"
            ],
            "Resource": "arn:aws:s3:::*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "s3:ListBucket",
                "s3:GetBucketLocation"
            ],
            "Resource": "arn:aws:s3:::mybucket"
        },
        {
            "Effect": "Allow",
            "Action": [
                "s3:PutObject",
                "s3:GetObject",
                "s3:DeleteObject",
                "s3:CreateMultipartUpload",
                "s3:AbortMultipartUpload",
                "s3:ListMultipartUploadParts",
                "s3:ListBucketMultipartUploads"
            ],
            "Resource": "arn:aws:s3:::mybucket/*"
        }
    ]
}

2 个答案:

答案 0 :(得分:1)

" s3:PutObject"处理CreateMultipartUpload操作,所以我猜没有像" s3:CreateMultipartUpload"。

你必须在你的s3桶中改变ARN就好了 添加"资源":" arn:aws:s3 ::: mybucket"

最终政策:

StringEscapeUtils.unescapeHtml4(String htmlString)

答案 1 :(得分:0)

如果它是跨帐户访问权限,请检查它与ACL标头无关,如下所述:https://stackoverflow.com/a/34055538/1736679(此问题帖子中的更多信息:https://github.com/aws/aws-cli/issues/1674

同时仔细检查您正在运行的环境/用户,以查看/ etc / environment中是否存在覆盖密钥(AWS_ACCESS_KEY等)或〜/ .aws / credentials

相关问题
最新问题