亚马逊云端错误“拒绝访问”
Posted
技术标签:
【中文标题】亚马逊云端错误“拒绝访问”【英文标题】:amazon cloudfront Error "AccessDenied" 【发布时间】:2017-03-23 13:28:40 【问题描述】:这是我收到拒绝访问消息的代码。谁能告诉我如何解决这个问题。
我的存储桶政策
"cloudfront:user/CloudFront Origin Access Identity [ID]" with s3.
存储桶策略资源
“资源”:“arn:aws:s3:::bucket_name/*”
use Aws\CloudFront\CloudFrontClient;
require 'vendor/autoload.php';
$cloudFront = CloudFrontClient::factory([
'version' => 'latest',
'region' => 'ap-south-1'
]);
// Setup parameter values for the resource
$streamHostUrl = 'http://example.cloudfront.net';
$resourceKey = 'Bucket/1.jpg';
$expires = new DateTime('+1 minute');
// Create a signed URL for the resource using the canned policy
$url = $cloudFront->getSignedUrl([
'url' => $streamHostUrl . '/' . $resourceKey,
'expires' => $expires->getTimestamp(),
'private_key' => 'pk-private_key.pem',
'key_pair_id' => '<key_pair_id>'
]);
echo $url;
错误“拒绝访问”
<Error>
<Code>AccessDenied</Code>
<Message>Access Denied</Message>
<RequestId>EE8B43497F516AD3</RequestId>
<HostId>
jghWRjO1Rnvv0/hRaeBS4pThCFJcGN26r3wDcMAiyqWeVHRVLbNaSUiIQmR7dDiQus/j8QjUWhM=
</HostId>
</Error>
【问题讨论】:
似乎问题出在存储桶策略上。我们可以查看整个存储桶策略(您的实际源访问 ID 除外)吗? “版本”:“2008-10-17”,“Id”:“PolicyForCloudFrontPrivateContent”,“声明”:[ “Sid”:“1”,“效果”:“允许” , "Principal": "AWS": "arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity XXXXXXXXXXXXXXX" , "Action": "s3:GetObject", "Resource": "arn:aws:s3 :::bucket_name/*" ] 【参考方案1】:我正在解决这个问题
改变它
$resourceKey = 'Bucket/1.jpg'
到
$resourceKey = '1.jpg';
【讨论】:
以上是关于亚马逊云端错误“拒绝访问”的主要内容,如果未能解决你的问题,请参考以下文章
Windows Firewall ICS服务启动不了 拒绝访问错误5 重置后 自动关闭