我们有一个Cloudformation模板来创建S3存储桶,我们需要在“权限”选项卡下将访问控制列表的“读取存储桶”权限设置为“是”。以下是我们的模板代码:
{
"AWSTemplateFormatVersion": "2010-09-09",
"Resources": {
"S3Bucket": {
"Type": "AWS::S3::Bucket",
"Properties": {
"BucketName" : "mybucketname",
"AccessControl": "PublicRead",
"CorsConfiguration": {
"CorsRules": [
{
"AllowedHeaders": [
"Authorization"
],
"AllowedMethods": [
"GET"
],
"AllowedOrigins": [
"*"
],
"Id": "myCORSRuleId1",
"MaxAge": "3000"
}
]
}
}
},
"BucketPolicy" : {
"Type" : "AWS::S3::BucketPolicy",
"Properties" : {
"Bucket" : {"Ref" : "S3Bucket"},
"PolicyDocument": {
"Statement":[{
"Action":["s3:GetObject"],
"Effect":"Allow",
"Resource": { "Fn::Join" : ["", ["arn:aws:s3:::", { "Ref" : "S3Bucket" } , "/*" ]]},
"Principal":"*"
}]
}
}
}
},
"Outputs": {
"BucketName": {
"Value": {
"Ref": "S3Bucket"
},
"Description": "Name of the Component Bucket with CORS enabled."
}
}
}
S3存储桶已成功创建,但尚未设置“读取存储桶权限”。请提出建议。