Cloudlink Amazon S3 備份儲存「拒絕存取」狀態代碼 403

Summary: 解決 Amazon S3 備份儲存組態上的錯誤「存取遭拒」狀態代碼 403。

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Symptoms

測試 Amazon S3 備份儲存存取時「Access Denied」:


image.png
錯誤例如:
com.amazonaws.services.s3.model.AmazonS3Exception:拒絕存取 (服務:Amazon S3 狀態代碼:403 錯誤代碼:AccessDenied 要求 ID:WX2272G8B4XMDJKZ S3 延伸要求 ID:[...]

Cause

Amazon S3 上為儲存桶設定的儲存桶存取原則不正確。

Resolution

應用正確的存儲桶訪問策略。以下是有效的存儲桶訪問策略範例。 
{
    「版本」:"2012-10-17",
    「聲明」:[
        {
            「Sid」:“可視化編輯器0”,
            「效果」:“允許”,
            「動作」:[
                「s3:GetObjectVersionTagging」,
                “s3:複製物件”,
                “s3:GetObjectAcl”,
                「s3:GetIntelligentTieringConfiguration」,
                「s3:PutLifecycleConfiguration」,
                「s3:GetObjectVersionAcl」,
                “s3:PutObjectTagging”,
                “s3:刪除物件”,
                “s3:刪除對象標記”,
                「s3:GetBucketPolicyStatus」,
                「s3:GetObjectRetention」,
                「s3:DeleteObjectVersionTagging」,
                「s3:GetBucketNotification」,
                「s3:GetReplicationConfiguration」,
                “s3:放置物件”,
                “s3:GetObject”,
                「s3:PutBucketNotification」,
                “s3:PutBucketLogging”,
                「s3:GetAnalyticsConfiguration」,
                「s3:GetObjectVersionForReplication」,
                「s3:GetLifecycleConfiguration」,
                「s3:GetInventoryConfiguration」,
                “s3:GetBucketTagging”,
                「s3:DeleteObjectVersion」,
                「s3:GetBucketLogging」,
                “s3:ListBucketVersions”,
                “s3:複製標籤”,
                “s3:恢復物件”,
                “s3:ListBucket”,
                「s3:GetAccelerateConfiguration」,
                「s3:GetBucketPolicy」,
                「s3:PutEncryptionConfiguration」,
                「s3:GetEncryptionConfiguration」,
                “s3:中止多部分上傳”,
                “s3:PutBucketTagging”,
                “s3:GetObjectTagging”,
                「s3:GetMetricsConfiguration」,
                「s3:PutBucketVersioning」,
                「s3:GetBucketPublicAccessBlock」,
                “s3:ListBucketMultipartUploads”,
                「s3:PutObjectVersionTagging」,
                「s3:GetBucketVersioning」,
                “s3:GetBucketAcl”,
                “s3:放置庫存配置”,
                “s3:PutObjectRetention”,
                「s3:GetBucketCORS」,
                「s3:GetBucketLocation」,
                “s3:ReplicateDelete”,
                「s3:GetObjectVersion」
            ],
            「資源」:[
                「arn:aws:s3:::BUCKET」,
                「arn:aws:s3:::BUCKET/*」
            ]
        }
    ]
}

Affected Products

CloudLink SecureVM, CloudLink
Article Properties
Article Number: 000210609
Article Type: Solution
Last Modified: 26 Jun 2023
Version:  5
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.