允许使用Cognito凭据的请求的S3策略:AWS

时间:2018-05-20 01:56:39

标签: amazon-s3 amazon-cognito aws-cognito

我正在尝试将json策略放入我的S3存储桶中,这将使用Cognito凭据访问我的存储桶。以下是政策:

{
"Version": "2012-10-17",
"Statement": [
    {
        "Effect": "Allow",
        "Principal": {
            "Federated": "cognito-identity.amazonaws.com"
        },
        "Action": "s3:ListBucket",
        "Resource": "arn:aws:s3:::bucketName12345",
        "Condition": {
            "StringLike": {
                "s3:prefix": "cognito/angularApplicationName/"
            }
        }
    },
    {
        "Effect": "Allow",
        "Principal": {
            "Federated": "cognito-identity.amazonaws.com"
        },
        "Action": [
            "s3:GetObject",
            "s3:PutObject",
            "s3:DeleteObject"
        ],
        "Resource": [
            "arn:aws:s3:::bucketName12345/cognito/angularApplicationName/${cognito-identity.amazonaws.com:sub}",
            "arn:aws:s3:::bucketName12345/cognito/angularApplicationName/${cognito-identity.amazonaws.com:sub}/*"
        ]
    }
]

}

但是我收到警告说“你的桶是公开的......”。由于我是AWS的新手,有人可以指出我在这里缺少什么吗?

0 个答案:

没有答案
相关问题
最新问题