嗨,我尝试在S3存储桶的“文件夹”中列出所有文件。所以我尝试:
const params = {
Bucket: s3bucketname,
Prefix: foldername + "/"
};
const data = await s3.listObjectsV2(params).promise()
console.log(data)
这给我一个AccessDenied错误。
文件本身就是这样存储的
const params = {
Bucket: s3bucketname,
Key: foldername + "/" + filename,
ContentType: 'image/jpeg',
ACL: 'public-read',
Body: data
};
await s3.upload(params, tags).promise();
和公开可用。效果很好。也使用
const params = {
Bucket: s3bucketname,
Key: folderfilename
};
await s3.headObject(params).promise()
工作正常。
yml文件如下所示
S3BucketampstoryscreenshotsPolicy:
Type: AWS::S3::BucketPolicy
Properties:
Bucket:
Ref: S3Bucketampstoryscreenshots
PolicyDocument:
Statement:
-
Action:
- "s3:Get*"
Effect: "Allow"
我测试了多个小变化,但是在这里找不到问题吗?
答案 0 :(得分:0)
需要ListBucket语句。在这里重要的是,使用Ref一次使用/ *,一次不使用/ *,如果没有这样设置,则会导致
操作不适用于语句中的任何资源(服务:Amazon S3;状态码:400;错误代码:MalformedPolicy;
这对我而言有效:
PolicyDocument:
Statement:
-
Action:
- "s3:GetObject"
Effect: "Allow"
Resource:
Fn::Join:
- ""
-
- "arn:aws:s3:::"
-
Ref: "S3Bucketampstoryscreenshots"
- "/*"
Principal: "*"
-
Action:
- "s3:ListBucket"
Effect: "Allow"
Resource:
Fn::Join:
- ""
-
- "arn:aws:s3:::"
-
Ref: "S3Bucketampstoryscreenshots"
Principal: "*"
感谢jarmod的提示