S3:如何授予对多个存储桶的访问权限? [英] S3: How to grant access to multiple buckets?

问题描述

我有一个允许访问1个存储桶的策略:

I have a policy that allows access to 1 bucket:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:ListBucket",
                "s3:GetBucketLocation"
            ],
            "Resource": "arn:aws:s3:::MYBUCKETNAME"
        },
        {
            "Effect": "Allow",
            "Action": [
                "s3:PutObject",
                "s3:GetObject",
                "s3:DeleteObject"
            ],
            "Resource": "arn:aws:s3:::MYBUCKETNAME/*"
        }
    ]
}

我很好奇我如何允许访问多个存储桶?但是，我不想允许访问所有存储桶.我真的可以将声明"部分的2个子部分加倍吗?

I'm curious how I allow access to multiple buckets? I don't want to allow access to all buckets, however. Do I literally just double the 2 sub-sections of the "Statement" section?

我需要授予访问权限的存储桶也将使用其名称的模式，例如:

Also the buckets I need to grant access to will have a pattern to their name, say something like this:

abc-xyz-client

客户总是与众不同.添加某种通配符访问会更容易吗?

Where client will always be something different. Is it easier to add some sort of wildcard access?

推荐答案

Resource键的值可以是存储区数组.

The Resource key's value can be an array of buckets.

例如

"Resource" : ["arn:aws:s3:::MYBUCKETNAME", "arn:aws:s3:::MYBUCKETNAME2"]

这篇关于S3:如何授予对多个存储桶的访问权限?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！