存储桶策略 Editor:Policy 无法解析为有效的 JSON 字符串
Bucket Policy Editor:Policy could not be parsed as a valid JSON string
我正在学习 AWS CLI,我尝试从本地文件夹复制到 S3 中的存储桶...所以当我键入命令时输出 return 下一个错误:
upload failed: ./lalala.txt to s3://buecket_name/ An error occurred (AccessDenied) when calling the PutObject operation: Access Denied
所以我正在搜索这个,互联网告诉我问题出在存储桶策略编辑器中,所以我尝试编辑策略,但是当我点击保存时,错误是:
Bucket Policy Editor:Policy could not be parsed as a valid JSON string
我的策略脚本:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "s3:ListAllMyBuckets"
"Resource": "arn:aws:s3:::bucket-name*"
},
{
"Effect": "Allow",
"Action": [
"s3:ListBucket",
"s3:GetBucketLocation",
"s3:PutObject"
],
"Resource": "arn:aws:s3:::bucket-name"
},
{
"Effect": "Allow",
"Action": [
"s3:PutObject",
"s3:GetObject",
"s3:DeleteObject"
],
"Resource": "arn:aws:s3:::bucket-name/*"
}
]
}
_____UPDATE_____:
伙计们,我尝试按照下面的人的建议更改添加 "principal" 的脚本,但错误继续存在:
Policy could not be parsed as a valid JSON string
当前脚本:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "s3:ListAllMyBuckets",
"Resource": "arn:aws:s3:Sao Paulo:X1X8XX6YYY16X:name-bucket*"
},
"Principal": {
"AWS": [
"arn:aws:iam::AWS-account-ID:root"
]
}
{
"Effect": "Allow",
"Action": [
"s3:ListBucket",
"s3:GetBucketLocation",
"s3:PutObject"
],
"Resource": "arn:aws:s3:::bucket-name"
},
{
"Effect": "Allow",
"Action": [
"s3:PutObject",
"s3:GetObject",
"s3:DeleteObject"
],
"Resource": "arn:aws:s3:::bucket-name/*"
}
]
}
伙计们,我做错了什么?
提前致谢!
第一个操作部分后缺少逗号:
"Action": "s3:ListAllMyBuckets",
可以通过 jslint.
等服务来验证 JSON
read/write 到特定存储桶的策略如下
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "S3Actions",
"Resource": [
"arn:aws:s3:::bucket-name/*",
"arn:aws:s3:::bucket-name"
],
"Action": [
"s3:DeleteObject",
"s3:PutBucketAcl",
"s3:PutObject",
"s3:PutObjectAcl",
"s3:Get*",
"s3:List*"
],
"Effect": "Allow"
}
]
}
您还可以在可以 select 策略的地方使用 Policy Simulator 并尝试确保 select 执行适当的操作来执行您的 API 调用没有任何问题。
我正在学习 AWS CLI,我尝试从本地文件夹复制到 S3 中的存储桶...所以当我键入命令时输出 return 下一个错误:
upload failed: ./lalala.txt to s3://buecket_name/ An error occurred (AccessDenied) when calling the PutObject operation: Access Denied
所以我正在搜索这个,互联网告诉我问题出在存储桶策略编辑器中,所以我尝试编辑策略,但是当我点击保存时,错误是:
Bucket Policy Editor:Policy could not be parsed as a valid JSON string
我的策略脚本:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "s3:ListAllMyBuckets"
"Resource": "arn:aws:s3:::bucket-name*"
},
{
"Effect": "Allow",
"Action": [
"s3:ListBucket",
"s3:GetBucketLocation",
"s3:PutObject"
],
"Resource": "arn:aws:s3:::bucket-name"
},
{
"Effect": "Allow",
"Action": [
"s3:PutObject",
"s3:GetObject",
"s3:DeleteObject"
],
"Resource": "arn:aws:s3:::bucket-name/*"
}
]
}
_____UPDATE_____:
伙计们,我尝试按照下面的人的建议更改添加 "principal" 的脚本,但错误继续存在:
Policy could not be parsed as a valid JSON string
当前脚本:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "s3:ListAllMyBuckets",
"Resource": "arn:aws:s3:Sao Paulo:X1X8XX6YYY16X:name-bucket*"
},
"Principal": {
"AWS": [
"arn:aws:iam::AWS-account-ID:root"
]
}
{
"Effect": "Allow",
"Action": [
"s3:ListBucket",
"s3:GetBucketLocation",
"s3:PutObject"
],
"Resource": "arn:aws:s3:::bucket-name"
},
{
"Effect": "Allow",
"Action": [
"s3:PutObject",
"s3:GetObject",
"s3:DeleteObject"
],
"Resource": "arn:aws:s3:::bucket-name/*"
}
]
}
伙计们,我做错了什么?
提前致谢!
第一个操作部分后缺少逗号:
"Action": "s3:ListAllMyBuckets",
可以通过 jslint.
等服务来验证 JSONread/write 到特定存储桶的策略如下
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "S3Actions",
"Resource": [
"arn:aws:s3:::bucket-name/*",
"arn:aws:s3:::bucket-name"
],
"Action": [
"s3:DeleteObject",
"s3:PutBucketAcl",
"s3:PutObject",
"s3:PutObjectAcl",
"s3:Get*",
"s3:List*"
],
"Effect": "Allow"
}
]
}
您还可以在可以 select 策略的地方使用 Policy Simulator 并尝试确保 select 执行适当的操作来执行您的 API 调用没有任何问题。