手机可以使用以下存储桶策略将其内容正确上传到 IAM 用户下的我们的 s3 存储桶
{
"Version": "2008-10-17",
"Id": "redacted",
"Statement": [
{
"Sid": "redacted",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::redacted:user/iam_user"
},
"Action": "s3:ListBucketMultipartUploads",
"Resource": "arn:aws:s3:::bucket_name"
},
{
"Sid": "redacted",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::202695660434:user/iam_user"
},
"Action": [
"s3:AbortMultipartUpload",
"s3:GetObject",
"s3:ListMultipartUploadParts",
"s3:PutObject"
],
"Resource": "arn:aws:s3:::bucket_name/uploads/*"
}
]
}
我想遵循最佳实践并允许联合用户从移动设备上传到此存储桶。我将如何调整政策?我目前可以创建联合用户凭据,但无法正确上传。此政策未能保存
{
"Version": "2008-10-17",
"Id": "redacted",
"Statement": [
{
"Action": [
"sts:GetFederationToken"
],
"Sid": "redacted",
"Resource": [
"*"
],
"Effect": "Allow"
},
{
"Sid": "redacted",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::redacted:user/iam_user"
},
"Action": "s3:ListBucketMultipartUploads",
"Resource": "arn:aws:s3:::bucket_name"
},
{
"Sid": "redacted",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::202695660434:user/iam_user"
},
"Action": [
"s3:AbortMultipartUpload",
"s3:GetObject",
"s3:ListMultipartUploadParts",
"s3:PutObject"
],
"Resource": "arn:aws:s3:::bucket_name/uploads/*"
}
]
}