问题

ObjectLock在CloudFormation模板中可能尚未实现，或者模板中存在错误。

我尝试应用以下堆栈：

应用堆栈导致创建失败：
无法在现有存储桶上启用Object Lock配置（服务：Amazon S3；状态码：409；错误代码：InvalidBucketState；请求ID：0AF2GTWV4W9P4X1C；S3

在应用堆栈之前该存储桶不存在。
有任何想法吗？

英文:

Is ObjectLock with Cloudformation Templates possibly still not implemented or is there an error in this template?

I tried to apply the following stack:

---
Resources:
 TestBucketBucketProd:
  Type: &#39;AWS::S3::Bucket&#39;
  Properties:
   BucketName: testbucket-prod
   VersioningConfiguration:
    Status: Enabled
   AccessControl: Private
   Tags:
    - Key: org 
     Value: prod
   PublicAccessBlockConfiguration:
    BlockPublicAcls: true
    BlockPublicPolicy: true
    IgnorePublicAcls: true
    RestrictPublicBuckets: true
   ObjectLockConfiguration:
    ObjectLockEnabled: true
    Rule:
     DefaultRetention:
      Mode: GOVERNANCE
      Days: 2
Outputs:
 TestBucketBucketName:
  Value: !Ref TestBucketBucketProd
  Description: The name of the TestBucket S3 bucket.

Applying the stack leads to a failure in creation:
Object Lock configuration cannot be enabled on existing buckets (Service: Amazon S3; Status Code: 409; Error Code: InvalidBucketState; Request ID: 0AF2GTWV4W9P4X1C; S3

The bucket did not exist before applying the stack.
Any ideas?

答案1

得分: 1

通过AWS支持的帮助，我得到了解决方案。
我会在这里写出来，因为我认为这并不是很直观。
您需要两次提及"ObjectLockEnabled"。

   ObjectLockEnabled: true
   ObjectLockConfiguration:
     ObjectLockEnabled: "Enabled"
     Rule:
       DefaultRetention:
       Mode: "GOVERNANCE"
       Days: 2

ChatGPT帮助我解决了CLI的问题：

aws s3api create-bucket --bucket zentrada-dev-testbucket \ 
 --region eu-central-1 \ 
 --create-bucket-configuration \ 
 LocationConstraint=eu-central-1 --object-lock-enabled-for-bucket 

aws s3api put-object-lock-configuration \ 
 --bucket zentrada--dev-testbucket --object-lock-configuration \ 
'{"ObjectLockEnabled":"Enabled","Rule":{"DefaultRetention":{"Mode":"GOVERNANCE","Days":1}}}'

英文:

With help from AWS support, I got the solution.<BR/>
I'll write it here, because I don't think, it is quite intuitive.<BR/>
You need to hand over "ObjectLockEnabled" twice.<BR/>
<pre>
ObjectLockEnabled: true
ObjectLockConfiguration:
ObjectLockEnabled: "Enabled"
Rule:
DefaultRetention:
Mode: "GOVERNANCE"
Days: 2
</pre>
ChatGPT helped me with a solution for the CLI:
<pre>
aws s3api create-bucket --bucket zentrada-dev-testbucket \
--region eu-central-1 \
--create-bucket-configuration \
LocationConstraint=eu-central-1 --object-lock-enabled-for-bucket

aws s3api put-object-lock-configuration \
--bucket zentrada--dev-testbucket --object-lock-configuration \
'{"ObjectLockEnabled":"Enabled","Rule":{"DefaultRetention":{"Mode":"GOVERNANCE","Days":1}}}'
</pre>

通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库，让每个人都能够通过互相帮助和分享经验来进步。

已解决：使用Cloudformation实现S3对象锁定

问题

答案1

GCP云存储 – 使用Golang aws sdk2 – 使用S3互操作凭证上传文件

Invalid Resource and malformed policy errors – aws cloudformation YAML

检查将对象上传到S3后是否存在。

如何使用AWS CDK创建AWS Cognito堆栈

What's the correct way to type hint an empty list as a literal in python?

如何在Highcharts Gantt中更改本地化的星期名称

如何在同一个流中使用多个过滤器和映射函数？

如何使用Map/Set来将代码优化到O(n)？

.NET MAUI Android在GitHub Actions上构建失败，错误代码为1。

如何在Playwright视觉比较中屏蔽多个定位器？

在C++中，可以使用可变模板参数来检索类型的内部类型。

selenium.common.exceptions.StaleElementReferenceException: Message: stale element reference: stale element not found

Creating and opening a URL to log in to Website via Basic Auth with Robot Framework/Selenium (Python)

AG Grid 在上下文菜单中以大文本形式打开

发表评论