我需要分配公共读取访问权限,同时允许所有者在处理 sharp() 库中的对象后以完全访问权限操作对象。因此,我将旧对象替换为新对象,因此我需要设置新的 ACL。ACL 只允许拥有一种访问权限,我需要将“public-read”和“bucket-owner-full-controll”结合起来
根据界面和文档,这就足够了
await s3Bucket.putObjectAcl({
Bucket: s3EventMessage.bucket.name,
Key: key,
AccessControlPolicy: {},
GrantFullControl: 'canonical_id',
GrantRead: 'http://acs.amazonaws.com/groups/global/AllUsers'
}).promise();
另外,我试过这个,根据界面应该足够了,但是我得到了错误:
Bucket: s3EventMessage.bucket.name,
Key: key,
AccessControlPolicy: {
Grants: [
{
Grantee: {
Type: "CanonicalUser"
},
},
],
},
GrantRead: 'http://acs.amazonaws.com/groups/global/AllUsers'
我也试过这种方式,我得到一个错误,我的 XML 格式错误
await s3Bucket.putObjectAcl({
Bucket: s3EventMessage.bucket.name,
Key: key,
AccessControlPolicy: {
Grants: [
{
Grantee: {
Type: "CanonicalUser",
DisplayName: 'Owner',
ID: 'canonical_id',
},
Permission: "FULL_CONTROL"
},
{
Grantee: {
Type: "Group",
URI: 'http://acs.amazonaws.com/groups/global/AllUsers',
},
Permission: "READ",
}
],
},
}).promise();
错误:
MalformedACLError:您提供的 XML 格式不正确或未针对我们发布的架构进行验证
此语法具有精确的所有者:
await s3Bucket.putObjectAcl({
Bucket: s3EventMessage.bucket.name,
Key: key,
AccessControlPolicy: {
Owner: {
DisplayName: 'Owner',
ID: 'canonical_id',
},
Grants: [
{
Grantee: {
Type: "CanonicalUser",
DisplayName: 'Owner',
ID: 'canonical_id',
},
Permission: "FULL_CONTROL"
},
{
Grantee: {
Type: "Group",
URI: 'http://acs.amazonaws.com/groups/global/AllUsers',
},
Permission: "READ",
}
],
},
}).promise();
给出一个错误:
AccessDenied:拒绝访问
另外,我在 PHP 中找到了一个解决方案,但这对我不起作用 - 我被拒绝访问
这是解决方案
这是文档Nodejs 示例
提前致谢!