Question

我们是构建一个临时服务器，为此我们克隆了我们的生产服务器。因此，我创建了一个用于登台的新存储桶，并使用Amazon S3中提供的界面（复制/粘贴）将生产存储桶的所有内容复制到存档存储桶中。

登台应用程序可以从暂存存储桶中读取和删除文件而不会出现问题，但我无法编写新文件......

有人有想法吗？我在这里粘贴了我配置的策略：

{
"Version": "2012-10-17",
"Statement": [
    {
        "Sid": "VisualEditor0",
        "Effect": "Allow",
        "Action": [
            "s3:PutAnalyticsConfiguration",
            "s3:GetObjectVersionTagging",
            "s3:CreateBucket",
            "s3:ReplicateObject",
            "s3:GetObjectAcl",
            "s3:DeleteBucketWebsite",
            "s3:PutLifecycleConfiguration",
            "s3:GetObjectVersionAcl",
            "s3:PutBucketAcl",
            "s3:PutObjectTagging",
            "s3:DeleteObject",
            "s3:GetIpConfiguration",
            "s3:DeleteObjectTagging",
            "s3:GetBucketWebsite",
            "s3:PutReplicationConfiguration",
            "s3:DeleteObjectVersionTagging",
            "s3:GetBucketNotification",
            "s3:PutBucketCORS",
            "s3:DeleteBucketPolicy",
            "s3:GetReplicationConfiguration",
            "s3:ListMultipartUploadParts",
            "s3:PutObject",
            "s3:GetObject",
            "s3:PutBucketNotification",
            "s3:PutBucketLogging",
            "s3:PutObjectVersionAcl",
            "s3:GetAnalyticsConfiguration",
            "s3:GetObjectVersionForReplication",
            "s3:GetLifecycleConfiguration",
            "s3:ListBucketByTags",
            "s3:GetInventoryConfiguration",
            "s3:GetBucketTagging",
            "s3:PutAccelerateConfiguration",
            "s3:DeleteObjectVersion",
            "s3:GetBucketLogging",
            "s3:ListBucketVersions",
            "s3:ReplicateTags",
            "s3:RestoreObject",
            "s3:ListBucket",
            "s3:GetAccelerateConfiguration",
            "s3:GetBucketPolicy",
            "s3:GetObjectVersionTorrent",
            "s3:AbortMultipartUpload",
            "s3:PutBucketTagging",
            "s3:GetBucketRequestPayment",
            "s3:GetObjectTagging",
            "s3:GetMetricsConfiguration",
            "s3:DeleteBucket",
            "s3:PutBucketVersioning",
            "s3:PutObjectAcl",
            "s3:ListBucketMultipartUploads",
            "s3:PutMetricsConfiguration",
            "s3:PutObjectVersionTagging",
            "s3:GetBucketVersioning",
            "s3:GetBucketAcl",
            "s3:PutInventoryConfiguration",
            "s3:PutIpConfiguration",
            "s3:GetObjectTorrent",
            "s3:ObjectOwnerOverrideToBucketOwner",
            "s3:PutBucketWebsite",
            "s3:PutBucketRequestPayment",
            "s3:GetBucketCORS",
            "s3:PutBucketPolicy",
            "s3:GetBucketLocation",
            "s3:ReplicateDelete",
            "s3:GetObjectVersion"
        ],
        "Resource": [
            "arn:aws:s3:::naturebooker-staging",
            "arn:aws:s3:::naturebooker_staging/*"
        ]
    },
    {
        "Sid": "VisualEditor1",
        "Effect": "Allow",
        "Action": [
            "s3:ListAllMyBuckets",
            "s3:HeadBucket",
            "s3:ListObjects"
        ],
        "Resource": "*"
    }
]
}

Answer 1

请检查资源名称是否正确。我看到_而不是 -

Answer 2

解决了资源名称不好，应该是 - 而不是_

尝试使用rails应用程序编写时Aws :: S3 :: Errors :: AccessDenied

2 个答案: