失去了对AWS S3存储桶的访问权限。

huangapple go评论61阅读模式
英文:

lost accss to AWS S3 bucket via policy

问题

我一直在尝试使S3存储桶通过单个IAM用户访问,同时拥有1个公共文件夹。

在测试策略选项时,我成功地使用以下策略删除了对存储桶的所有访问权限。

{
  "Id": "Policy1676745897591",
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "Stmt167674580000",
      "Action": "s3:*",
      "Effect": "Deny",
      "Resource": "arn:aws:s3::bucket-name",
      "Principal": "*"
    }
  ]
}

我现在无法访问它,包括根用户。有什么建议吗?

英文:

I have been trying to get an S3 bucket to be accessible via a single IAM user while having 1 public folder.

While testing policy options, I managed to remove all access to the bucket with the following policy.

{
  "Id": "Policy1676745897591",
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "Stmt167674580000",
      "Action": "s3:*",
      "Effect": "Deny",
      "Resource": "arn:aws:s3::bucket-name",
      "Principal": "*"
    }
  ]
}

I now cannot access it, including via root user. Any ideas?!

答案1

得分: 1

IAM策略中的“允许”和“拒绝”操作不能附加到根用户。因此,您可以以根用户身份登录,转到存储桶设置并移除存储桶策略。

英文:

IAM policy with "Allow" and "Deny" action can not be attached to the root user. So, you can sign in as root, go to Bucket settings and remove the Bucket policy.

huangapple
  • 本文由 发表于 2023年2月19日 02:49:20
  • 转载请务必保留本文链接:https://go.coder-hub.com/75495629.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定