AWS S3无需访问和密钥在Java中上载 [英] AWS S3 upload without access and secret key in Java
问题描述
我想在不使用来自 AWS
服务器的访问和密钥的情况下将文件上传到S3。 AWS键应作为默认值。但是在服务器中运行以下命令我可以访问它而无需提供任何访问和密钥。
I want to upload a file to S3 without using my access and secret key from AWS
server. AWS keys should be taken as default. However running the below command in server I can access it without providing any access and secret keys.
aws s3 cp somefile.txt s3:/ / somebucket /
aws s3 cp somefile.txt s3://somebucket/
从Java代码中无法访问,因为它无法加载凭据。
以下是我的代码。
From java code its not accessible since it was unable to load credentials. Below is my code.
AmazonS3 s3client = new AmazonS3Client(new DefaultAWSCredentialsProviderChain());
推荐答案
您可以使用以下Java代码获取<当您尝试从EC2实例连接到S3存储桶时,code> s3client 实例。
You can use the below Java code to get the s3client
instance when you are trying to connect to S3 bucket from EC2 instance.
AmazonS3 s3Client = AmazonS3ClientBuilder.standard()
.withCredentials(new InstanceProfileCredentialsProvider(false))
.build();
这是推荐的方式,因为应用程序不需要在属性文件中维护访问密钥。
This is the recommended way as the application doesn't require to maintain the access keys in property files.
- 应创建IAM角色,并为该
角色提供S3访问权限。请参阅下面的示例政策。 - 应将IAM角色分配给EC2实例
IAM角色的示例政策: -
{
"Action": ["s3:PutObject",
"s3:ListBucket",
"s3:GetObject",
"s3:DeleteObject"],
"Resource": ["arn:aws:s3:::yourBucketName",
"arn:aws:s3:::yourBucketName/*"],
"Effect": "Allow",
"Sid": "AllowBucketLinux"
}
这篇关于AWS S3无需访问和密钥在Java中上载的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!