AWS S3 Bucket giving 'policies must be valid JSON and the first byte must be '{'

    { 
"Id": "Policy1590051531320", 
"Version": "2012-10-17",
"Statement": [ 
{ "Sid": "Stmt1590051522178", 
"Action": [ "s3:GetObject", 
"s3:GetObjectVersion", 
"s3:PutObject", 
"s3:AbortMultipartUpload", 
"s3:ListMultipartUploadParts", 
"s3:GetBucketVersioning", 
"s3:ListBucket", 
"s3:GetBucketLocation", 
"s3:ListBucketMultipartUploads", 
"s3:ListBucketVersions" ], 
"Effect": "Allow", 
"Resource": ["arn:aws:s3:::lakefs", "arn:aws:s3:::lakefs/backend.txt/*"], 
"Principal": {"AWS": ["arn:aws:iam::REDACTED:user/uing"]
 } 
} 
] 
}

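This is my S3 bucket policy, but it returns 'Policies must be valid JSON and the first byte must be '{'. I have the correct bucket name and the bucket name with the path prefix in my Resource field. Any idea why I am getting this error?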

You can't have those spaces before the {. It should be:

{ 
"Id": "Policy1590051531320", 
"Version": "2012-10-17",
"Statement": [ 
{ "Sid": "Stmt1590051522178", 
"Action": [ "s3:GetObject", 
"s3:GetObjectVersion", 
"s3:PutObject", 
"s3:AbortMultipartUpload", 
"s3:ListMultipartUploadParts", 
"s3:GetBucketVersioning", 
"s3:ListBucket", 
"s3:GetBucketLocation", 
"s3:ListBucketMultipartUploads", 
"s3:ListBucketVersions" ], 
"Effect": "Allow", 
"Resource": ["arn:aws:s3:::lakefs", "arn:aws:s3:::lakefs/backend.txt/*"], 
"Principal": {"AWS": ["arn:aws:iam::172787983831:user/uing"]
 } 
} 
] 
}

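[lakeFS developer here, but this is an AWS question]

As the error message says, it wants you to start your policy with { (and with no spaces before it).

Note that S3 separates resource-based policies (like this one) from identity-based policies, which you would set up on the IAM service. There are important differences. Identity-based policies are generally easier to set up: the error messages are easier to read, the web-based UI can be friendlier (and offers inline error reporting for JSON policies, or a pretty good visual policy editor), etc.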
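A local pre-flight check for the error discussed in this thread, as an added example that is not part of the original posts or of any AWS or lakeFS code. It reports what sits in front of the opening `{` and re-serializes the policy so the first byte is `{`; it goes beyond the thread by also flagging a UTF-8 byte order mark, another way the first byte can be something other than `{`. The function names and the sample policy (bucket, account id, user) are constructed for illustration.

```python
import json

UTF8_BOM = b"\xef\xbb\xbf"

def first_byte_problems(raw: bytes) -> list[str]:
    """List what stops the document from starting with the byte '{'."""
    problems = []
    if raw.startswith(UTF8_BOM):
        problems.append("UTF-8 byte order mark before '{'")
        raw = raw[len(UTF8_BOM):]
    stripped = raw.lstrip(b" \t\r\n")
    if len(stripped) != len(raw):
        problems.append(f"{len(raw) - len(stripped)} whitespace byte(s) before '{{'")
    if not stripped.startswith(b"{"):
        problems.append("document does not start with a JSON object")
    return problems

def normalize_policy(raw: bytes) -> str:
    """Drop BOM and surrounding whitespace, verify the JSON, re-serialize it."""
    text = raw.decode("utf-8-sig").strip()   # utf-8-sig removes a leading BOM
    policy = json.loads(text)                # raises ValueError on invalid JSON
    if not isinstance(policy, dict):
        raise ValueError("policy must be a JSON object")
    return json.dumps(policy, indent=2)      # output always begins with '{'

# Constructed sample: a policy pasted with four leading spaces, as in the question.
SAMPLE = (
    b'    {\n"Version": "2012-10-17",\n"Statement": [\n'
    b'{ "Sid": "Example", "Effect": "Allow",\n'
    b'"Action": ["s3:GetObject", "s3:ListBucket"],\n'
    b'"Resource": ["arn:aws:s3:::example-bucket", "arn:aws:s3:::example-bucket/*"],\n'
    b'"Principal": {"AWS": ["arn:aws:iam::111122223333:user/example"]}\n'
    b'}\n]\n}\n'
)

if __name__ == "__main__":
    for problem in first_byte_problems(SAMPLE):
        print("problem:", problem)
    print(normalize_policy(SAMPLE))
```
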