node.js - IBM Cloud Object Storage, cannot modify object ACL permissions
问题描述
Using the Node.js SDK for IBM Cloud Object Storage, I can successfully create new objects with the public-read
ACL setting.
var params = {Bucket: 'bucket', Key: 'key', Body: stream, ACL: 'public-read`};
s3.upload(params, function(err, data) {
console.log(err, data);
});
Files can be accessed without authentication once uploaded.
However, once a file is uploaded, trying to update the ACL permissions to turn a private
file to public-read
fails with Access Denied
errors.
var params = {Bucket: 'bucket', Key: 'key', Body: stream, ACL: 'public-read`};
s3.putObjectAcl(params, function(err, data) {
console.log(err, data);
})
This is the error message return in the response.
{
"errorMessage": "Access Denied",
"errorType": "Error"
}
Retrieving the ACL using getObjectAcl
also fails with the same issue.
解决方案
Authentication credentials must have the Manager
role to access and modify ACLs for existing objects.
Check the role assigned to your service identifier. If you can create new objects, you may have the Writer
role rather than the Manager
.
More details on the permissions model can be found here: https://console.bluemix.net/docs/services/cloud-object-storage/iam/buckets.html#bucket-permissions
推荐阅读
- javascript - 什么函数返回另一个函数,其参数也声明为常量?
- google-apps-script - 将工作表保存为 PDF
- javascript - Javascript GooglMaps API 句柄不经常工作
- ios - 在 Xamarin iOS 中使用 FirebasePushNotificationPlugin 时没有有效的“aps 环境”
- angular - Angular HttpClient:从 RESTfull API 页面获取数据(下一页循环)
- javascript - 如何在启动应用程序时从表中加载 json 文件中的数据?
- reactjs - 如何使用 redux-form 预填充反应表单输入字段?
- visual-studio - 如何在最新版本的 VSTS 中添加 Nuget 包徽章
- batch-file - 如何提取字符串批处理的一部分
- iis - 部署到 IIS 会删除 URL 重写规则?