AWS S3 Java SDK – 拒绝访问
我正在尝试使用AWS SDK访问存储桶及其所有对象但在运行代码时我收到错误,因为线程“main”中的exceptioncom.amazonaws.services.s3.model.AmazonS3Exception: Access Denied (Service: Amazon S3; Status Code: 403; Error Code: AccessDenied; Request ID: X), S3 Extended Request ID: Y=
请建议,我缺少的地方以及为什么访问被拒绝错误正在发生,尽管我已经获得了以下所有权限:
s3:GetObject s3:GetObjectVersion s3:GetObjectAcl s3:GetBucketAcl s3:GetBucketCORS s3:GetBucketLocation s3:GetBucketLogging s3:ListBucket s3:ListBucketVersions s3:ListBucketMultipartUploads s3:GetObjectTorrent s3:GetObjectVersionAcl
代码如下:
AWSCredentials credentials = new BasicAWSCredentials(accessKey, secretKey); ClientConfiguration clientConfig = new ClientConfiguration(); clientConfig.setProtocol(Protocol.HTTP); AmazonS3 conn = new AmazonS3Client(credentials, clientConfig); conn.setEndpoint(bucketName); Bucket bucket = conn.createBucket(bucketName); ObjectListing objects = conn.listObjects(bucket.getName()); do { for (S3ObjectSummary objectSummary : objects.getObjectSummaries()) { System.out.println(objectSummary.getKey() + "\t" + objectSummary.getSize() + "\t" + StringUtils.fromDate(objectSummary.getLastModified())); } objects = conn.listNextBatchOfObjects(objects); } while (objects.isTruncated());
转到IAM并检查用于API的用户[访问密钥和密钥]是否具有使用基于S3的API的优先级。
将S3策略附加到指定用户 – 尝试使用S3 Full Access ; 一旦工作,你可以细化访问。 更多信息请查看此链接[ 管理IAM策略 ]
问题现在解决了。 代码存在以下问题:
- 终点不正确,应该有一个正确的终点。
- 没有给予桶足够的许可。 在AWS SDK中使用存储桶之前,应该先获得完整权限列表。
下面是正确的代码
AWSCredentials credentials = new BasicAWSCredentials(accessKey, secretKey); ClientConfiguration clientConfig = new ClientConfiguration(); clientConfig.setProtocol(Protocol.HTTP); AmazonS3 conn = new AmazonS3Client(credentials, clientConfig); conn.setEndpoint("correct end point"); Bucket bucket = conn.createBucket(bucketName); ObjectListing objects = conn.listObjects(bucket.getName()); do { for (S3ObjectSummary objectSummary : objects.getObjectSummaries()) { System.out.println(objectSummary.getKey() + "\t" + objectSummary.getSize() + "\t" + StringUtils.fromDate(objectSummary.getLastModified())); } objects = conn.listNextBatchOfObjects(objects); } while (objects.isTruncated());