1. 首页
  2. 问答
  3. 为什么我的访问在s3上被拒绝(使用aws-sdk for Node.js)?

为什么我的访问在s3上被拒绝(使用aws-sdk for Node.js)?

2016-09-21 63 views
2

我试图从我的s3存储桶读取现有文件,但我一直得到“拒绝访问”,没有解释或说明如何处理它。 Here是我使用的代码:为什么我的访问在s3上被拒绝(使用aws-sdk for Node.js)?

'use strict' 

var AWS = require('aws-sdk') 
const options = { 
    apiVersion: '2006-03-01', 
    params: { 
    Bucket: process.env['IMAGINATOR_BUCKET'] 
    }, 
    accessKeyId: process.env['IMAGINATOR_AWS_ACCESS_KEY_ID'], 
    secretAccessKey: process.env['IMAGINATOR_AWS_SECRET_ACCESS_KEY'], 
    signatureVersion: 'v4' 
} 
console.log('options', options) 
var s3 = new AWS.S3(options) 

module.exports = exports = { 
    get (name, cb) { 
    const params = { 
     Key: name + '.json' 
    } 
    console.log('get params', params) 
    return s3.getObject(params, cb) 
    }, 
    set (name, body, cb) { 
    const params = { 
     Key: name + '.json', 
     Body: body 
    } 
    console.log('set params', params) 
    return s3.putObject(params, cb) 
    } 
}

这是当使用get方法和登录的回调提供的错误(敏感信息删了)什么我得到的输出:

options { apiVersion: '2006-03-01', 
    params: { Bucket: CENSORED_BUT_CORRECT }, 
    accessKeyId: CENSORED_BUT_CORRECT, 
    secretAccessKey: CENSORED_BUT_CORRECT, 
    signatureVersion: 'v4' } 
get params { Key: 'whitelist.json' } 
err { [AccessDenied: Access Denied] 
    message: 'Access Denied', 
    code: 'AccessDenied', 
    region: null, 
    time: Wed Sep 21 2016 11:17:50 GMT-0400 (EDT), 
    requestId: CENSORED, 
    extendedRequestId: CENSORED, 
    cfId: undefined, 
    statusCode: 403, 
    retryable: false, 
    retryDelay: 20.084538962692022 } 
/Users/shawn/git/vigour-io/imaginate/node_modules/aws-sdk/lib/request.js:31 
      throw err; 
      ^

AccessDenied: Access Denied 
    at Request.extractError (/Users/shawn/git/vigour-io/imaginate/node_modules/aws-sdk/lib/services/s3.js:538:35) 
    at Request.callListeners (/Users/shawn/git/vigour-io/imaginate/node_modules/aws-sdk/lib/sequential_executor.js:105:20) 
    at Request.emit (/Users/shawn/git/vigour-io/imaginate/node_modules/aws-sdk/lib/sequential_executor.js:77:10) 
    at Request.emit (/Users/shawn/git/vigour-io/imaginate/node_modules/aws-sdk/lib/request.js:668:14) 
    at Request.transition (/Users/shawn/git/vigour-io/imaginate/node_modules/aws-sdk/lib/request.js:22:10) 
    at AcceptorStateMachine.runTo (/Users/shawn/git/vigour-io/imaginate/node_modules/aws-sdk/lib/state_machine.js:14:12) 
    at /Users/shawn/git/vigour-io/imaginate/node_modules/aws-sdk/lib/state_machine.js:26:10 
    at Request.<anonymous> (/Users/shawn/git/vigour-io/imaginate/node_modules/aws-sdk/lib/request.js:38:9) 
    at Request.<anonymous> (/Users/shawn/git/vigour-io/imaginate/node_modules/aws-sdk/lib/request.js:670:12) 
    at Request.callListeners (/Users/shawn/git/vigour-io/imaginate/node_modules/aws-sdk/lib/sequential_executor.js:115:18)

现在我不知道该怎么办,因为我认为我根据文档正确地做了些事情,但它不工作,错误信息没有说明为什么我的访问被拒绝......任何想法是什么下一步应该是让这个工作?

来源

2016-09-21 Shawn

回答

4

问题是我的新IAM用户没有附加策略。我将其分配给AmazonS3FullAccess政策,现在它可以正常工作。

来源

2016-09-23 17:15:13 Shawn

相关问题

 相关问题