Question

我有这个政策，为什么它不能写入s3桶

{
 "Version": "2012-10-17",
 "Statement": [
{
  "Effect": "Allow",
  "Action": ["s3:ListBucket"],
  "Resource": [
    "arn:aws:s3:::cf-templates-erb4urdcaiht-us-east-1",
    "arn:aws:s3:::elasticbeanstalk-us-east-1-008151213029",
    "arn:aws:s3:::test-bucket-for-iam"
    ]
},
{
  "Effect": "Allow",
  "Action": [
    "s3:PutObject*",
    "s3:GetObject*",
    "s3:GetObjectAcl",
    "s3:PutObjectAcl",
    "s3:DeleteObject"
  ],
  "Resource": [
    "arn:aws:s3:::cf-templates-erb4urdcaiht-us-east-1",
    "arn:aws:s3:::elasticbeanstalk-us-east-1-008151213029",
    "arn:aws:s3:::test-bucket-for-iam"
    ]
  }
 ]
}

当我尝试上传我得到的对象时，我已经给了putobject为什么我得到这个错误

An error occurred (AccessDenied) when calling the PutObject operation: Access Denied

Answer 1

更改

"arn:aws:s3:::cf-templates-erb4urdcaiht-us-east-1/*"

到这个

{{1}}

在我的案例中工作。

我的用户无法写入s3

1 个答案: