AWS-CLI在Linux机器上访问S3 [英] AWS-CLI acccess to S3 on Linux Machine
问题描述
我想设置从Linux机器(Fedora)到AWS S3存储桶的递归同步.我已以root用户身份登录Linux,并且具有与特定AWS用户"Lisa"关联的AWS Key和Secret.
I am wanting to set up a recursive sync from a Linux machine (Fedora) to an AWS S3 bucket. I am logged into Linux as root and have an AWS Key and Secret associated with a specific AWS user "Lisa".
我已经安装了aws-cli,s3cmd,并尝试同时配置两者.我已经验证了aws/configure和aws/credentials文件都具有默认用户和具有访问密钥和秘密对的"Lisa"用户.我收到错误消息,指出访问被拒绝,找不到访问密钥和秘密对.我已经在网络上对此进行了研究,并验证了没有任何环境变量可能会覆盖configure&凭证文件.我还向所有登录用户授予了通过AWS控制台创建的存储桶的完全访问权限.我尚未旋转密钥,因为它们是一周前首次创建的,因此我能够登录&使用相同的密钥对设置AWS控制台.
I have installed aws-cli, s3cmd, and attempted to configure both. I have verified the aws/configure and aws/credentials files both have a default user and a "Lisa" user with Access Key and Secret pairs. I receive errors stating that Access is Denied, access key and secret pair not found. I have researched this on the web and verified that there are no environment variables that could be overriding the configure & credential files. I have also granted full access permissions to the bucket created through the AWS Console to all logged in users. I have not rotated the keys, as they were first created a week ago, and I was able to log-in & set-up the AWS console using that same key pair.
旋转钥匙之前我还应该做什么?
What else should I be doing before rotating the keys?
推荐答案
您似乎混用了多个术语,因此有必要了解它们之间的区别:
You seem to have several terms intermixed, so it's worth knowing the difference:
- 用户名和密码用于登录基于Web的管理控制台.它们很短,易于阅读且易于记忆.
- 访问密钥(以
AKIA
开头)和秘密密钥用于进行API调用. AWS CLI也使用它(代表您进行API调用) - 密钥对由公用密钥和专用密钥组成,用于认证SSH连接.这是一段很长的文字.
- Username and password is used to login to the web-based management console. They are short, to be human-readable and easy to remember.
- Access Key (starting with
AKIA
) and Secret Key is used for making API calls. It is also used by the AWS CLI (which makes API calls on your behalf) - Key pair consists of a public and private key, used for authenticating SSH connections. It is a very long block of text.
您提到找不到访问密钥.这可能是因为提供的凭证类型错误.
You mention that an Access Key is not found. This could be because the wrong type of credential is being provided.
这篇关于AWS-CLI在Linux机器上访问S3的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!