无法将多个存储桶策略添加到 S3 存储桶
Can't add multiple bucket policies to S3 bucket
我无法使用 zencoder 存储桶策略添加域级隐私存储桶策略。当我一次添加一个时,它们可以工作,但是当我尝试同时实现两者时,它们不起作用。我只是在寻找一种在一个存储桶中实施两个存储桶策略的解决方案。我试图将域级别隐私的条件添加到 zencoders 存储桶策略。但域级隐私停止工作。
这是我试图添加的存储桶策略。
{
"Version": "2012-10-17",
"Id": "http referer policy example",
"Statement": [
{
"Sid": "Allow get requests originating from www.example.com and example.com.",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::newbbbb/*",
"Condition": {
"StringLike": {
"aws:Referer": "https://www.vlogmo.com/*"
}
}
}
]
}
{
"Version": "2012-10-17",
"Id": "ZencoderBucketPolicy",
"Statement": [
{
"Sid": "Stmt1295042087538",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::395540211253:root"
},
"Action": [
"s3:GetObjectAcl",
"s3:GetObject",
"s3:PutObjectAcl",
"s3:PutObject",
"s3:ListMultipartUploadParts"
],
"Resource": "arn:aws:s3:::MY-BUCKET/*"
},
{
"Sid": "Stmt1295042087538",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::395540211253:root"
},
"Action": [
"s3:ListBucketMultipartUploads",
"s3:GetBucketLocation"
],
"Resource": "arn:aws:s3:::MY-BUCKET"
}
]
}
im just looking for a solution to implement both bucket polices in one bucket
你不能这样做。一个存储桶只能有 一个策略 。因此,您必须通过添加新的 Statement:
将您的两项政策合二为一
{
"Version": "2012-10-17",
"Id": "ZencoderBucketPolicy",
"Statement": [
{
"Sid": "Stmt1295042087538",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::395540211253:root"
},
"Action": [
"s3:GetObjectAcl",
"s3:GetObject",
"s3:PutObjectAcl",
"s3:PutObject",
"s3:ListMultipartUploadParts"
],
"Resource": "arn:aws:s3:::MY-BUCKET/*"
},
{
"Sid": "Stmt1295042087538",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::395540211253:root"
},
"Action": [
"s3:ListBucketMultipartUploads",
"s3:GetBucketLocation"
],
"Resource": "arn:aws:s3:::MY-BUCKET"
},
{
"Sid": "Allow get requests originating from www.example.com and example.com.",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::newbbbb/*",
"Condition": {
"StringLike": {
"aws:Referer": "https://www.vlogmo.com/*"
}
}
}
]
}
我无法使用 zencoder 存储桶策略添加域级隐私存储桶策略。当我一次添加一个时,它们可以工作,但是当我尝试同时实现两者时,它们不起作用。我只是在寻找一种在一个存储桶中实施两个存储桶策略的解决方案。我试图将域级别隐私的条件添加到 zencoders 存储桶策略。但域级隐私停止工作。 这是我试图添加的存储桶策略。
{
"Version": "2012-10-17",
"Id": "http referer policy example",
"Statement": [
{
"Sid": "Allow get requests originating from www.example.com and example.com.",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::newbbbb/*",
"Condition": {
"StringLike": {
"aws:Referer": "https://www.vlogmo.com/*"
}
}
}
]
}
{
"Version": "2012-10-17",
"Id": "ZencoderBucketPolicy",
"Statement": [
{
"Sid": "Stmt1295042087538",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::395540211253:root"
},
"Action": [
"s3:GetObjectAcl",
"s3:GetObject",
"s3:PutObjectAcl",
"s3:PutObject",
"s3:ListMultipartUploadParts"
],
"Resource": "arn:aws:s3:::MY-BUCKET/*"
},
{
"Sid": "Stmt1295042087538",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::395540211253:root"
},
"Action": [
"s3:ListBucketMultipartUploads",
"s3:GetBucketLocation"
],
"Resource": "arn:aws:s3:::MY-BUCKET"
}
]
}
im just looking for a solution to implement both bucket polices in one bucket
你不能这样做。一个存储桶只能有 一个策略 。因此,您必须通过添加新的 Statement:
{
"Version": "2012-10-17",
"Id": "ZencoderBucketPolicy",
"Statement": [
{
"Sid": "Stmt1295042087538",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::395540211253:root"
},
"Action": [
"s3:GetObjectAcl",
"s3:GetObject",
"s3:PutObjectAcl",
"s3:PutObject",
"s3:ListMultipartUploadParts"
],
"Resource": "arn:aws:s3:::MY-BUCKET/*"
},
{
"Sid": "Stmt1295042087538",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::395540211253:root"
},
"Action": [
"s3:ListBucketMultipartUploads",
"s3:GetBucketLocation"
],
"Resource": "arn:aws:s3:::MY-BUCKET"
},
{
"Sid": "Allow get requests originating from www.example.com and example.com.",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::newbbbb/*",
"Condition": {
"StringLike": {
"aws:Referer": "https://www.vlogmo.com/*"
}
}
}
]
}