这是我的存储桶策略代码。
{ "版本": "2012-10-17", “陈述”: [ { "效果": "允许", "校长": "", “行动”: [ “s3:获取对象”, “s3:获取对象标记”, “s3:放置对象”, “s3:放置对象标记” ], “资源”:“arn:aws:s3 :::vgi-esf-eng-us-east-1-narwhal-bfb-automated-input/” }, { "效果": "允许", "校长": "", "操作": "s3:ListBucket", “资源”:“arn:aws:s3 :::vgi-esf-eng-us-east-1-narwhal-bfb-automated-input” }, { "Sid": "DenyUnEncryptedObjectUploads", “效果”:“拒绝”, "校长": "", “操作”:“s3:PutObject”, "资源": "arn:aws:s3:::vgi-esf-eng-us-east-1-narwhal-bfb-automated-input/", “健康)状况”: { “无效的”: { "s3:x-amz-服务器端加密": "true" } } }, { "Sid": "强制 SSL", “效果”:“拒绝”, "校长": "", “行动”:“s3:”, "资源": "arn:aws:s3:::vgi-esf-eng-us-east-1-narwhal-bfb-automated-input/", “健康)状况”: { “布尔”:{ "aws:SecureTransport": "假" } } }, { "Sid": "限制存储桶访问", “效果”:“拒绝”, "校长": "", “行动”:“s3:”, “资源”:[ “arn:aws:s3:::vgi-esf-eng-us-east-1-narwhal-bfb-自动输入”, “arn:aws:s3:::vgi-esf-eng-us-east-1-narwhal-bfb-automated-input/” ], “健康)状况”: { “字符串不喜欢”:{ “aws:PrincipalArn”:[ "arn:aws:iam::551470947100:角色/CloudBotRole", "arn:aws:iam::551470947100:角色/globalaccess/", "arn:aws:iam::551470947100:用户/globalaccess/", "arn:aws:iam::551470947100:角色/Bamboo-Role-Remote-", “arn:aws:iam::551470947100:角色/FB0-narwhalbfbautomatedmrprivate-ENG-east-1” ] } } } ] }
我需要编辑存储桶策略
我想答案就在这里: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html
简而言之,您需要在策略中添加
s3express:CreateSession祝你好运!