I am trying to get the list of buckets from my S3Client, but I get the exception com.amazonaws.services.s3.model.AmazonS3Exception: Access Denied (Service: Amazon S3; Status Code: 403; Error Code: AccessDenied; Request ID: xxxxxxxxx; S3 Extended Request ID: xxxxxx=; xxxxx: xxxxxxx=

    [junit] at com.amazonaws.http.AmazonHttpClient$RequestExecutor.handleErrorResponse(AmazonHttpClient.java:1819)
    [junit] at com.amazonaws.http.AmazonHttpClient$RequestExecutor.handleServiceErrorResponse(AmazonHttpClient.java:1403)
    [junit] at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeOneRequest(AmazonHttpClient.java:1372)
    [junit] at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeHelper(AmazonHttpClient.java:1145)
    [junit] at com.amazonaws.http.AmazonHttpClient$RequestExecutor.doExecute(AmazonHttpClient.java:802)
    [junit] at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeWithTimer(AmazonHttpClient.java:770)
    [junit] at com.amazonaws.http.AmazonHttpClient$RequestExecutor.execute(AmazonHttpClient.java:744)
    [junit] at com.amazonaws.http.AmazonHttpClient$RequestExecutor.access$500(AmazonHttpClient.java:704)
    [junit] at com.amazonaws.http.AmazonHttpClient$RequestExecutionBuilderImpl.execute(AmazonHttpClient.java:686)
    [junit] at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:550)
    [junit] at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:530)
    [junit] at com.amazonaws.services.s3.AmazonS3Client.invoke(AmazonS3Client.java:5248)
    [junit] at com.amazonaws.services.s3.AmazonS3Client.invoke(AmazonS3Client.java:5195)
    [junit] at com.amazonaws.services.s3.AmazonS3Client.invoke(AmazonS3Client.java:5189)
    [junit] at com.amazonaws.services.s3.AmazonS3Client.listBuckets(AmazonS3Client.java:1018)
    [junit] at com.amazonaws.services.s3.AmazonS3Client.listBuckets(AmazonS3Client.java:1024)
    [junit] at src.projectname.tst.S3Accessor.test2(S3Accessor.java:71)

My code:


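    import com.amazonaws.AmazonServiceException;
    import com.amazonaws.auth.AWSCredentials;
    import com.amazonaws.auth.AWSStaticCredentialsProvider;
    import com.amazonaws.auth.BasicAWSCredentials;
    import com.amazonaws.regions.Regions;
    import com.amazonaws.services.s3.AmazonS3;
    import com.amazonaws.services.s3.AmazonS3ClientBuilder;
    import com.amazonaws.services.s3.model.Bucket;
    import java.io.IOException;
    import java.util.List;

    public void readBucket() throws IOException {
        String REGION = "us-east-2";
        String bucketName = "bucketName";
        String key = "objectName";
        try {
            // Static access key and secret key (redacted in the post)
            AWSCredentials credentials = new BasicAWSCredentials("xxxxxxxx", "xxxxxx");

            AmazonS3 s3Client = AmazonS3ClientBuilder
                    .standard()
                    .withCredentials(new AWSStaticCredentialsProvider(credentials))
                    .withRegion(Regions.US_EAST_2)
                    .build();
            if (s3Client.doesBucketExist(bucketName)) {
                System.out.printf("Bucket %s already exists.%n", bucketName);
            }
            // This is the call that fails with 403 AccessDenied
            List<Bucket> buckets = s3Client.listBuckets();
            System.out.println("Your Amazon S3 buckets are:");
            for (Bucket b : buckets) {
                System.out.println("* " + b.getName());
            }
        } catch (AmazonServiceException e) {
            // Log the S3 error code, then rethrow so the failure still surfaces
            System.err.println(e.getErrorCode() + ": " + e.getErrorMessage());
            throw e;
        }
    }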

The policy I attached to the IAM user is:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:*"
            ],
            "Resource": [
                "arn:aws:s3:::bucket name",
                "arn:aws:s3:::bucketname/*"
            ]
        }
    ]
}

I am actually able to check that my bucket exists, i.e. my s3Client is set up correctly. Can anyone help me fix this? Thanks in advance!

1 Answer

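It is a credential permission issue. Try granting full S3 permissions to the IAM role/user that corresponds to the credentials you are using. Once your permissions are set correctly, there is no problem invoking Amazon S3 operations with the Amazon S3 Java API.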

Also, consider moving from the old V1 API to the new V2 API:

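The AWS SDK for Java 2.x is a major rewrite of the version 1.x code base. It is built on top of Java 8+ and adds several frequently requested features. These include support for non-blocking I/O and the ability to plug in a different HTTP implementation at run time.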

You can find many S3 V2 code examples here:

https://github.com/awsdocs/aws-doc-sdk-examples/tree/master/javav2/example_code/s3/src/main/java/com/example/s3

How did you set the permissions - via a custom policy or by using this policy?

answered 2021-04-07T17:04:09.780
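
Why `listBuckets()` is denied under the question's policy while bucket-level calls succeed, as an added example (not code from the question or the answer): the ListBuckets API is authorized as `s3:ListAllMyBuckets` against resource `*`, which a bucket ARN never matches. `is_allowed` is a hypothetical, simplified model of identity-policy evaluation (no conditions, permission boundaries or SCPs), the bucket name is the question's placeholder normalised to `bucketname`, and `FIXED_POLICY` is a constructed least-privilege alternative to granting full S3 access.

```python
import fnmatch

# The policy from the question (bucket name is the poster's placeholder).
QUESTION_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Action": ["s3:*"],
        "Resource": ["arn:aws:s3:::bucketname", "arn:aws:s3:::bucketname/*"],
    }],
}

# Constructed fix: keep the bucket scope, add only what listBuckets() needs.
FIXED_POLICY = {
    "Version": "2012-10-17",
    "Statement": QUESTION_POLICY["Statement"] + [{
        "Effect": "Allow",
        "Action": "s3:ListAllMyBuckets",
        "Resource": "*",
    }],
}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _matches(patterns, value, ignore_case=False):
    if ignore_case:  # IAM action names are case-insensitive
        patterns, value = [p.lower() for p in patterns], value.lower()
    return any(fnmatch.fnmatchcase(value, p) for p in patterns)

def is_allowed(policy, action, resource):
    """Simplified check: an explicit Deny wins, otherwise an Allow is required."""
    allowed = False
    for stmt in _as_list(policy["Statement"]):
        if not _matches(_as_list(stmt["Action"]), action, ignore_case=True):
            continue
        if not _matches(_as_list(stmt["Resource"]), resource):
            continue
        if stmt["Effect"] == "Deny":
            return False
        allowed = True
    return allowed

# (action, resource) pairs as the service authorizes them.
LIST_BUCKETS = ("s3:ListAllMyBuckets", "*")
LIST_OBJECTS = ("s3:ListBucket", "arn:aws:s3:::bucketname")

if __name__ == "__main__":
    for name, policy in (("question", QUESTION_POLICY), ("fixed", FIXED_POLICY)):
        print(name, is_allowed(policy, *LIST_BUCKETS), is_allowed(policy, *LIST_OBJECTS))
```

The fixed policy lets the user enumerate bucket names account-wide but still grants data access only to the one bucket.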