S3存储桶操作不适用于任何资源 [英] S3 Bucket action doesn't apply to any resources

问题描述

我正在按照此答案中的说明进行操作，以生成以下S3存储桶策略:

I'm following the instructions from this answer to generate the follow S3 bucket policy:

{
  "Id": "Policy1495981680273",
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "Stmt1495981517155",
      "Action": [
        "s3:GetObject"
      ],
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::surplace-audio",
      "Principal": "*"
    }
  ]
}

我得到以下错误:

操作不适用于语句中的任何资源

Action does not apply to any resource(s) in statement

我的保单遗漏了什么?

推荐答案

从IAM文档中， http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html#Action

某些服务不允许您为单个资源指定操作；相反，您在Action或NotAction元素中列出的所有操作都将应用于该服务中的所有资源.在这种情况下，请在Resource元素中使用通配符*.

Some services do not let you specify actions for individual resources; instead, any actions that you list in the Action or NotAction element apply to all resources in that service. In these cases, you use the wildcard * in the Resource element.

使用此信息，资源应具有如下值:

With this information, resource should have a value like below:

"Resource": "arn:aws:s3:::surplace-audio/*"

这篇关于S3存储桶操作不适用于任何资源的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！