时间戳

首页 > 解决方案 > Aws::S3::Errors::AccessDenied 尝试使用 Rails 应用程序编写时

ruby-on-rails - Aws::S3::Errors::AccessDenied 尝试使用 Rails 应用程序编写时

问题描述

我们正在构建一个登台服务器,为此我们克隆我们的生产服务器。因此,我创建了一个用于暂存的新存储桶,并使用 Amazon S3 中提供的接口(复制/粘贴)将生产存储桶的所有内容复制到暂存存储桶中。

暂存应用程序可以毫无问题地从暂存存储桶中读取和删除文件,但我无法写入新文件......

有人有想法吗?我在这里粘贴我配置的策略:

{
"Version": "2012-10-17",
"Statement": [
    {
        "Sid": "VisualEditor0",
        "Effect": "Allow",
        "Action": [
            "s3:PutAnalyticsConfiguration",
            "s3:GetObjectVersionTagging",
            "s3:CreateBucket",
            "s3:ReplicateObject",
            "s3:GetObjectAcl",
            "s3:DeleteBucketWebsite",
            "s3:PutLifecycleConfiguration",
            "s3:GetObjectVersionAcl",
            "s3:PutBucketAcl",
            "s3:PutObjectTagging",
            "s3:DeleteObject",
            "s3:GetIpConfiguration",
            "s3:DeleteObjectTagging",
            "s3:GetBucketWebsite",
            "s3:PutReplicationConfiguration",
            "s3:DeleteObjectVersionTagging",
            "s3:GetBucketNotification",
            "s3:PutBucketCORS",
            "s3:DeleteBucketPolicy",
            "s3:GetReplicationConfiguration",
            "s3:ListMultipartUploadParts",
            "s3:PutObject",
            "s3:GetObject",
            "s3:PutBucketNotification",
            "s3:PutBucketLogging",
            "s3:PutObjectVersionAcl",
            "s3:GetAnalyticsConfiguration",
            "s3:GetObjectVersionForReplication",
            "s3:GetLifecycleConfiguration",
            "s3:ListBucketByTags",
            "s3:GetInventoryConfiguration",
            "s3:GetBucketTagging",
            "s3:PutAccelerateConfiguration",
            "s3:DeleteObjectVersion",
            "s3:GetBucketLogging",
            "s3:ListBucketVersions",
            "s3:ReplicateTags",
            "s3:RestoreObject",
            "s3:ListBucket",
            "s3:GetAccelerateConfiguration",
            "s3:GetBucketPolicy",
            "s3:GetObjectVersionTorrent",
            "s3:AbortMultipartUpload",
            "s3:PutBucketTagging",
            "s3:GetBucketRequestPayment",
            "s3:GetObjectTagging",
            "s3:GetMetricsConfiguration",
            "s3:DeleteBucket",
            "s3:PutBucketVersioning",
            "s3:PutObjectAcl",
            "s3:ListBucketMultipartUploads",
            "s3:PutMetricsConfiguration",
            "s3:PutObjectVersionTagging",
            "s3:GetBucketVersioning",
            "s3:GetBucketAcl",
            "s3:PutInventoryConfiguration",
            "s3:PutIpConfiguration",
            "s3:GetObjectTorrent",
            "s3:ObjectOwnerOverrideToBucketOwner",
            "s3:PutBucketWebsite",
            "s3:PutBucketRequestPayment",
            "s3:GetBucketCORS",
            "s3:PutBucketPolicy",
            "s3:GetBucketLocation",
            "s3:ReplicateDelete",
            "s3:GetObjectVersion"
        ],
        "Resource": [
            "arn:aws:s3:::naturebooker-staging",
            "arn:aws:s3:::naturebooker_staging/*"
        ]
    },
    {
        "Sid": "VisualEditor1",
        "Effect": "Allow",
        "Action": [
            "s3:ListAllMyBuckets",
            "s3:HeadBucket",
            "s3:ListObjects"
        ],
        "Resource": "*"
    }
]
}

标签: ruby-on-railsamazon-web-servicesamazon-s3

解决方案

请检查资源名称是否正确。我看到 _ 而不是 -

推荐阅读