当前位置 : 主页 > 网页制作 > Nodejs >

为什么我的访问在s3上被拒绝(使用aws-sdk for Node.js)?

来源:互联网 收集:自由互联 发布时间:2021-06-16
我正在尝试从我的s3存储桶读取现有文件,但我一直收到“拒绝访问”,没有任何解释或说明如何处理它. Here是我正在使用的代码: 'use strict'var AWS = require('aws-sdk')const options = { apiVersion:
我正在尝试从我的s3存储桶读取现有文件,但我一直收到“拒绝访问”,没有任何解释或说明如何处理它. Here是我正在使用的代码: 

'use strict'

var AWS = require('aws-sdk')
const options = {
  apiVersion: '2006-03-01',
  params: {
    Bucket: process.env['IMAGINATOR_BUCKET']
  },
  accessKeyId: process.env['IMAGINATOR_AWS_ACCESS_KEY_ID'],
  secretAccessKey: process.env['IMAGINATOR_AWS_SECRET_ACCESS_KEY'],
  signatureVersion: 'v4'
}
console.log('options', options)
var s3 = new AWS.S3(options)

module.exports = exports = {
  get (name, cb) {
    const params = {
      Key: name + '.json'
    }
    console.log('get params', params)
    return s3.getObject(params, cb)
  },
  set (name, body, cb) {
    const params = {
      Key: name + '.json',
      Body: body
    }
    console.log('set params', params)
    return s3.putObject(params, cb)
  }
}

这就是我在使用get方法并记录回调中提供的错误时输出的结果(敏感信息被删除):

options { apiVersion: '2006-03-01',
  params: { Bucket: CENSORED_BUT_CORRECT },
  accessKeyId: CENSORED_BUT_CORRECT,
  secretAccessKey: CENSORED_BUT_CORRECT,
  signatureVersion: 'v4' }
get params { Key: 'whitelist.json' }
err { [AccessDenied: Access Denied]
  message: 'Access Denied',
  code: 'AccessDenied',
  region: null,
  time: Wed Sep 21 2016 11:17:50 GMT-0400 (EDT),
  requestId: CENSORED,
  extendedRequestId: CENSORED,
  cfId: undefined,
  statusCode: 403,
  retryable: false,
  retryDelay: 20.084538962692022 }
/Users/shawn/git/vigour-io/imaginate/node_modules/aws-sdk/lib/request.js:31
            throw err;
            ^

AccessDenied: Access Denied
    at Request.extractError (/Users/shawn/git/vigour-io/imaginate/node_modules/aws-sdk/lib/services/s3.js:538:35)
    at Request.callListeners (/Users/shawn/git/vigour-io/imaginate/node_modules/aws-sdk/lib/sequential_executor.js:105:20)
    at Request.emit (/Users/shawn/git/vigour-io/imaginate/node_modules/aws-sdk/lib/sequential_executor.js:77:10)
    at Request.emit (/Users/shawn/git/vigour-io/imaginate/node_modules/aws-sdk/lib/request.js:668:14)
    at Request.transition (/Users/shawn/git/vigour-io/imaginate/node_modules/aws-sdk/lib/request.js:22:10)
    at AcceptorStateMachine.runTo (/Users/shawn/git/vigour-io/imaginate/node_modules/aws-sdk/lib/state_machine.js:14:12)
    at /Users/shawn/git/vigour-io/imaginate/node_modules/aws-sdk/lib/state_machine.js:26:10
    at Request.<anonymous> (/Users/shawn/git/vigour-io/imaginate/node_modules/aws-sdk/lib/request.js:38:9)
    at Request.<anonymous> (/Users/shawn/git/vigour-io/imaginate/node_modules/aws-sdk/lib/request.js:670:12)
    at Request.callListeners (/Users/shawn/git/vigour-io/imaginate/node_modules/aws-sdk/lib/sequential_executor.js:115:18)

现在我不知道该怎么做因为我认为我根据文档正确地做事,但它不起作用,错误信息没有说明为什么我的访问权被拒绝…任何想法下一步应该是什么是为了让这个工作?

问题是我的新IAM用户没有附加策略.我为它分配了AmazonS3FullAccess策略,现在它可以工作了.

正如评论中指出的那样,限制性更强的政策会更加安全

上一篇:node.js – 使用fs.readFile从外部URL获取文件
下一篇:node.js – 如何使用角度cli导入角度为2的电子
网友评论
相关栏目
最近更新
热门文章