S3存储桶策略访问被拒绝

Question

我正在尝试为特定用户设置AWS S3策略。当我将策略附加到用户但我的存储桶策略访问被拒绝时，它可以正常工作。从特定的动作开始，但是在下面它是开放的。这是我的政策。不胜感激，如果您能指出我在这里缺少什么。

{
    "Id": "Policy1540550791287",
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "Stmt1540550707671",
            "Action": "s3:*",
            "Effect": "Allow",
            "Resource": "arn:aws:s3:::testabc1234abc",
            "Principal": {
                "AWS": [
                    "arn:aws:iam::<accountid>:user/test1"
                ]
            }
        },
        {
            "Sid": "Stmt1540550788846",
            "Action": "s3:*",
            "Effect": "Allow",
            "Resource": "arn:aws:s3:::testabc1234abc/*",
            "Principal": {
                "AWS": [
                    "arn:aws:iam::<accountid>:user/test1"
                ]
            }
        }
    ]
}