配置策略
{ "Version": "2012-10-17", "Id": "ExamplePolicy01", "Statement": [ { "Sid": "ExampleStatement01", "Effect": "Allow", "Action": [ "s3:getBucketVersioning", "s3:ListAllMyBuckets", "s3:GetAccountPublicAccessBlock", "s3:GetBucketPublicAccessBlock", "s3:GetBucketPolicyStatus", "s3:GetBucketAcl", "s3:ListAccessPoints" ], "Resource": [ "arn:aws:s3:::*" ] }, { "Sid": "statement1", "Effect": "Allow", "Action": [ "s3:ListBucket", "s3:PutObject", "s3:GetObject", "s3:DeleteObject" ], "Resource": [ "arn:aws:s3:::media.pplingo.com", "arn:aws:s3:::media.pplingo.com/*", "arn:aws:s3:::stage.media.pplingo.com", "arn:aws:s3:::stage.media.pplingo.com/*", "arn:aws:s3:::dev.media.pplingo.com", "arn:aws:s3:::dev.media.pplingo.com/*", "arn:aws:s3:::test.media.pplingo.com", "arn:aws:s3:::test.media.pplingo.com/*" ] } ] }
保存策略
创建用户
添加s3策略
创建完成后,使用这个用户的key即可。
- 有个php服务,不知道是啥权限限制,使用这个策略解决报错问题。
只限制s3桶权限 { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "s3:*", "s3-object-lambda:*" ], "Resource": "arn:aws:s3:::media.1.com", "arn:aws:s3:::media.1.com/*", "arn:aws:s3:::stage.media.1.com", "arn:aws:s3:::stage.media.1/* ] } ] }
继续阅读
评论