1 Answer
- Newest
- Most votes
- Most comments
0
【以下的回答经过翻译处理】 假设 S3 存储桶为私有并已创建了 OAI。在存储桶策略中,将前缀“public”添加到 ARN 中:"Resource": "arn:aws:s3:::mybucket/public/*"
您还可以添加明确的拒绝语句:{ "Effect": "Deny", "Principal": { "AWS": "arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity ABCDEFGHIJ1234" }, "Action": "s3:*", "Resource": "arn:aws:s3:::mybucket/private/*"}
Relevant content
- asked 10 months ago
- asked a year ago
- Accepted Answerasked 2 months ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago