存储桶策略 Editor:Policy 无法解析为有效的 JSON 字符串

Bucket Policy Editor:Policy could not be parsed as a valid JSON string

我正在学习 AWS CLI,我尝试从本地文件夹复制到 S3 中的存储桶...所以当我键入命令时输出 return 下一个错误:

upload failed: ./lalala.txt to s3://buecket_name/ An error occurred (AccessDenied) when calling the PutObject operation: Access Denied

所以我正在搜索这个,互联网告诉我问题出在存储桶策略编辑器中,所以我尝试编辑策略,但是当我点击保存时,错误是:

Bucket Policy Editor:Policy could not be parsed as a valid JSON string

我的策略脚本:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "s3:ListAllMyBuckets"
      "Resource": "arn:aws:s3:::bucket-name*"
    },
    {
      "Effect": "Allow",
      "Action": [
        "s3:ListBucket",
        "s3:GetBucketLocation",
        "s3:PutObject" 
      ],
      "Resource": "arn:aws:s3:::bucket-name"
    },
    {
      "Effect": "Allow",
      "Action": [
        "s3:PutObject",
        "s3:GetObject",
        "s3:DeleteObject"
      ],
      "Resource": "arn:aws:s3:::bucket-name/*"
    }
  ]
}

_____UPDATE_____:

伙计们,我尝试按照下面的人的建议更改添加 "principal" 的脚本,但错误继续存在:

Policy could not be parsed as a valid JSON string

当前脚本:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "s3:ListAllMyBuckets",
      "Resource": "arn:aws:s3:Sao Paulo:X1X8XX6YYY16X:name-bucket*"
    },
    "Principal": { 
      "AWS": [
        "arn:aws:iam::AWS-account-ID:root"
      ]
    }
    {
      "Effect": "Allow",
      "Action": [
        "s3:ListBucket",
        "s3:GetBucketLocation",
        "s3:PutObject" 
      ],
      "Resource": "arn:aws:s3:::bucket-name"
    },
    {
      "Effect": "Allow",
      "Action": [
        "s3:PutObject",
        "s3:GetObject",
        "s3:DeleteObject"
      ],
      "Resource": "arn:aws:s3:::bucket-name/*"
    }
  ]
}

伙计们,我做错了什么?

提前致谢!

第一个操作部分后缺少逗号:

"Action": "s3:ListAllMyBuckets",

可以通过 jslint.

等服务来验证 JSON

read/write 到特定存储桶的策略如下

{
"Version": "2012-10-17",
"Statement": [        
    {
        "Sid": "S3Actions",
        "Resource": [
            "arn:aws:s3:::bucket-name/*",
            "arn:aws:s3:::bucket-name"               
        ],
        "Action": [
            "s3:DeleteObject",
            "s3:PutBucketAcl",
            "s3:PutObject",
            "s3:PutObjectAcl",
            "s3:Get*",
            "s3:List*"
        ],
        "Effect": "Allow"
    }
]
}

您还可以在可以 select 策略的地方使用 Policy Simulator 并尝试确保 select 执行适当的操作来执行您的 API 调用没有任何问题。