
2023/5/9

AWS S3 bucket access point policy Resource format

The Resource format for the policy of an AWS S3 bucket access point is:

arn:aws:s3:<REGION>:<ACCOUNT>:accesspoint/<ACCESS_POINT_NAME>/object/*


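  • <REGION> - the AWS region, for example ap-northeast-1
  • <ACCOUNT> - the AWS account number, for example 423456789012
  • <ACCESS_POINT_NAME> - the name of the access point.

For example, the following sets the policy of the access point my-access-point, which belongs to a bucket in region ap-northeast-1 under account 423456789012. Its Resource is set to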
arn:aws:s3:ap-northeast-1:423456789012:accesspoint/my-access-point/object/*

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "AllowAllGetObject",
            "Effect": "Allow",
            "Principal": "*",
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:ap-northeast-1:423456789012:accesspoint/my-access-point/object/*"
        }
    ]
}

Note that a bucket policy and an access point policy use different Resource formats. The Resource format for a bucket policy is

arn:aws:s3:::<BUCKET_NAME>/*
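
A check for the mix-up described above, added here as an example and not part of the original post: it reads a policy document and reports every Resource written in the other policy type's format. The function names, the bucket name my-bucket and the second statement are assumptions made for illustration, and the patterns cover only the `aws` partition shown on this page.

```python
import json
import re

# Object-level Resource formats as given on this page (partition "aws" only).
PATTERNS = {
    "access_point": re.compile(
        r"^arn:aws:s3:[a-z0-9-]+:\d{12}:accesspoint/[^/]+/object/.+$"),
    "bucket": re.compile(r"^arn:aws:s3:::[^/]+/.+$"),
}

def classify(arn):
    """Return 'access_point', 'bucket', or 'other' for a Resource ARN."""
    for kind, pattern in PATTERNS.items():
        if pattern.match(arn):
            return kind
    return "other"

def as_list(value):
    # IAM JSON allows a single value or a list for Statement and Resource.
    return value if isinstance(value, list) else [value]

def lint_policy(policy_text, policy_kind):
    """Return (sid, resource, detected_kind) for each Resource that uses the
    other policy type's format. ARNs matching neither pattern are skipped."""
    findings = []
    for stmt in as_list(json.loads(policy_text)["Statement"]):
        for resource in as_list(stmt.get("Resource", [])):
            detected = classify(resource)
            if detected not in (policy_kind, "other"):
                findings.append((stmt.get("Sid", "<no Sid>"), resource, detected))
    return findings

# Constructed sample: the page's statement plus one using the bucket format.
SAMPLE = json.dumps({
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "AllowAllGetObject", "Effect": "Allow", "Principal": "*",
         "Action": "s3:GetObject",
         "Resource": "arn:aws:s3:ap-northeast-1:423456789012:accesspoint/my-access-point/object/*"},
        {"Sid": "WrongFormat", "Effect": "Allow", "Principal": "*",
         "Action": "s3:GetObject", "Resource": ["arn:aws:s3:::my-bucket/*"]},
    ],
})

if __name__ == "__main__":
    for sid, resource, detected in lint_policy(SAMPLE, "access_point"):
        print(f"{sid}: {resource} is written in the {detected} policy format")
```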

