Unsupported Action in Policy for S3 Glacier/Veeam

0

Hello,

I am a new person using AWS S3 Glacier and I ran across an issue. I am working with Veeam to add an S3 Glacier to my backup. I have the bucket created. I need to add the following to my bucket policy:

{
 "Version": "2012-10-17",
 "Statement": [
   {
     "Sid": "VisualEditor0",
     "Effect": "Allow",
     "Action": [
       "s3:DeleteObject",
       "s3:PutObject",
       "s3:GetObject",
       "s3:RestoreObject",
       "s3:ListBucket",
       "s3:AbortMultipartUpload",
       "s3:GetBucketVersioning",
       "s3:ListAllMyBuckets",
       "s3:GetBucketLocation",
       "s3:GetBucketObjectLockConfiguration",
       "ec2:DescribeInstances",
       "ec2:CreateKeyPair",
       "ec2:DescribeKeyPairs",
       "ec2:RunInstances",
       "ec2:DeleteKeyPair",
       "ec2:DescribeVpcAttribute",
       "ec2:CreateTags",
       "ec2:DescribeSubnets",
       "ec2:TerminateInstances",
       "ec2:DescribeSecurityGroups",
       "ec2:DescribeImages",
       "ec2:DescribeVpcs",
       "ec2:CreateVpc",
       "ec2:CreateSubnet",
       "ec2:DescribeAvailabilityZones",
       "ec2:CreateRoute",
       "ec2:CreateInternetGateway",
       "ec2:AttachInternetGateway",
       "ec2:ModifyVpcAttribute",
       "ec2:CreateSecurityGroup",
       "ec2:DeleteSecurityGroup",
       "ec2:AuthorizeSecurityGroupIngress",
       "ec2:AuthorizeSecurityGroupEgress",
       "ec2:DescribeRouteTables",
       "ec2:DescribeInstanceTypes"
     ],
     "Resource": "*"
   }
 ]
}

Once I put this in, the first error I get is "Missing Principal". So I added "Principal": {}, under SID. But I have no idea what to put in the brackets. I changed it to "*" and that seemed to fix it. Not sure if this is the right thing to do?

The next error I get is for all the EC2's and s3:ListAllMyBuckets, which give me an error of "Unsupported Action in Policy". This is where I get lost. Not sure what else to do. Do I need to open my bucket to public? Is this a permissions issue? Do I have to recreate the bucket and disable object-lock?

Please help.

2 Answers
1

You need to add the policy to the Veeam IAM User that you created, not to the bucket policy.

The Veeam Docs for Integration with S3 are a little vague but the Veeam KB article is clearer.

*Note: the Docs cover the policy for many different scenarios and the KB article covers just S3 Standard, but the instructions for applying the policy to an IAM vs S3 are what you were missing.

AWS
answered 2 years ago
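Why the same JSON is rejected as a bucket policy, as an added example that is not part of the original thread or of the Veeam or AWS documentation: a bucket policy is resource-based, so each statement needs a Principal and can only grant S3 actions that act on the bucket or its objects. The checker, its finding labels and the `ACCOUNT_LEVEL_S3` set are illustrative assumptions, and `SAMPLE` is a constructed excerpt of the policy in the question.

```python
import json

# Constructed excerpt of the question's policy, with the "Principal": "*" the asker added.
SAMPLE = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "VisualEditor0",
        "Effect": "Allow",
        "Principal": "*",
        "Action": ["s3:PutObject", "s3:ListAllMyBuckets", "ec2:RunInstances"],
        "Resource": "*",
    }],
})

# Assumption: illustrative, non-exhaustive set of S3 actions with no bucket or
# object resource, which a bucket policy therefore cannot grant.
ACCOUNT_LEVEL_S3 = {"s3:listallmybuckets"}

def as_list(value):
    return value if isinstance(value, list) else [value]

def is_wildcard(principal):
    if isinstance(principal, dict):
        return any("*" in as_list(v) for v in principal.values())
    return principal == "*"

def check_as_bucket_policy(policy_json):
    """Return (sid, finding) pairs for a document attached as a bucket policy."""
    findings = []
    for i, stmt in enumerate(as_list(json.loads(policy_json)["Statement"])):
        sid = stmt.get("Sid", f"statement[{i}]")
        if "Principal" not in stmt and "NotPrincipal" not in stmt:
            findings.append((sid, "missing-principal"))
        elif (stmt.get("Effect") == "Allow" and "Condition" not in stmt
              and is_wildcard(stmt.get("Principal"))):
            # Unconditional Allow to "*" grants the listed actions to anyone.
            findings.append((sid, "public-allow"))
        for action in as_list(stmt.get("Action", [])):
            name = action.lower()  # IAM action names are case-insensitive
            if name == "*":
                continue
            if not name.startswith("s3:") or name in ACCOUNT_LEVEL_S3:
                # Belongs in an identity policy on the IAM user instead.
                findings.append((sid, "unsupported-action:" + action))
    return findings

if __name__ == "__main__":
    for sid, finding in check_as_bucket_policy(SAMPLE):
        print(sid, finding)
```

Attached to the IAM user as an identity policy, the same statement needs no Principal element, because the principal is the user the policy is attached to.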
0

Thanks for the articles. I will see if it works. I'm hopeful that it will.

answered 2 years ago
