一、創建json文件,用於編輯policy,文件內容如下(Version並不重要),Action存在多種選擇(如步驟三所示),並且允許同時選擇多個,本文只是通過URL訪問Bucket中的文件,因此只選擇了s3:GetObject。
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal":"*",
"Action":"s3:GetObject",
"Resource": "*"
}
]
}
二、配置Policy生效,命令如下(File爲上一步生成的文件)。
s3cmd setpolicy <File> s3://<Bucket>/ --acl-public //這一條命令使得<Bucket>中的所有內容權限爲Public(只讀),包括續傳的文件。其中,<File>爲上一步創建的json文件。
s3cmd setacl --acl-public s3://<Bucket>/ //這一條命令使得<Bucket>的文件目錄權限爲Public(只讀),即可通過URL看到<Bucket>中的文件目錄。
三、S3 Action
- s3:AbortMultipartUpload
- s3:CreateBucket
- s3:DeleteBucketPolicy
- s3:DeleteBucket
- s3:DeleteBucketWebsite
- s3:DeleteObject
- s3:DeleteObjectVersion
- s3:DeleteReplicationConfiguration
- s3:GetAccelerateConfiguration
- s3:GetBucketAcl
- s3:GetBucketCORS
- s3:GetBucketLocation
- s3:GetBucketLogging
- s3:GetBucketNotification
- s3:GetBucketPolicy
- s3:GetBucketRequestPayment
- s3:GetBucketTagging
- s3:GetBucketVersioning
- s3:GetBucketWebsite
- s3:GetLifecycleConfiguration
- s3:GetObjectAcl
- s3:GetObject
- s3:GetObjectTorrent
- s3:GetObjectVersionAcl
- s3:GetObjectVersion
- s3:GetObjectVersionTorrent
- s3:GetReplicationConfiguration
- s3:ListAllMyBuckets
- s3:ListBucketMultiPartUploads
- s3:ListBucket
- s3:ListBucketVersions
- s3:ListMultipartUploadParts
- s3:PutAccelerateConfiguration
- s3:PutBucketAcl
- s3:PutBucketCORS
- s3:PutBucketLogging
- s3:PutBucketNotification
- s3:PutBucketPolicy
- s3:PutBucketRequestPayment
- s3:PutBucketTagging
- s3:PutBucketVersioning
- s3:PutBucketWebsite
- s3:PutLifecycleConfiguration
- s3:PutObjectAcl
- s3:PutObject
- s3:PutObjectVersionAcl
- s3:PutReplicationConfiguration
- s3:RestoreObject