java - 如何对多个对象设置S3存储桶策略?

标签 java amazon-s3

如何对多个对象设置S3存储桶策略?

Statement allowRestrictedWriteStatement = new Statement(Effect.Allow)
             .withPrincipals(new Principal("12345678910"))
             .withActions(S3Actions.DeleteObject)
             .withResources(new S3ObjectResource(myBucketName, "folder1/folder2"));

     Statement allowRestrictedWriteStatement2 = new Statement(Effect.Deny)
             .withPrincipals(new Principal("12345678910"))
             .withActions(S3Actions.DeleteObject)
             .withResources(new S3ObjectResource(myBucketName, "folder1/folder3"));

     Policy policy = new Policy()
             .withStatements(allowRestrictedWriteStatement,allowRestrictedWriteStatement2);

     AWSCredentials credentials = new BasicAWSCredentials("xxxxxxxxxxxxx", "yyyyyyyyyyy");
     AmazonS3 s3client = new AmazonS3Client(credentials);
     s3client.setBucketPolicy(myBucketName,policy.toJson());

借助上述代码,我可以设置两个存储桶对象的允许和拒绝权限。如果我们需要对两个列表上可用的对象设置允许和拒绝,即 listAllow 和 listDeny 各包含 5 个对象,并且我需要对列表的这些对象设置存储桶策略,该怎么办?有什么建议吗?

最佳答案

我找到了解决方案 - 

List<Statement> newlistAllow = new ArrayList <>();
 for (CommonPrefix  objectToDelete:listAllow) {
     Statement allowRestrictedWriteStatement = new Statement(Statement.Effect.Allow)
             .withPrincipals(new Principal("12345678910"))
             .withActions(S3Actions.DeleteObject)
             .withResources(new S3ObjectResource(bucketNameToUse,objectToDelete.toString()));
     newlistAllow.add(allowRestrictedWriteStatement);
 }

 List<Statement> newlistDeny = new ArrayList <>();
 for (CommonPrefix objectToRetain:listDeny) {
     Statement denyRestrictedWriteStatement = new Statement(Statement.Effect.Deny)
             .withPrincipals(new Principal("12345678910"))
             .withActions(S3Actions.DeleteObject)
             .withResources(new S3ObjectResource(bucketNameToUse,objectToRetain.toString()));
     newlistDeny.add(denyRestrictedWriteStatement);
 }

 Policy policyDeny = new Policy();
 policyDeny.setStatements(newlistDeny);
 Policy policyAllow = new Policy();
 policyAllow.setStatements(newlistAllow);

 AWSCredentials credentials = new BasicAWSCredentials("xxxxxxxxxxxxxxxxx", "yyyyyyyyyyyyyyyyyyyy");
 AmazonS3 s3client = new AmazonS3Client(credentials);

 s3client.setBucketPolicy(bucketNameToUse,policyAllow.toJson());
 s3client.setBucketPolicy(bucketNameToUse,policyDeny.toJson());

关于java - 如何对多个对象设置S3存储桶策略?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/54093469/

上一篇:java - 如何在 Spring Remoting 中设置动态 header

下一篇:java - 如何将准备好的语句从电子表格行项目循环到 derby 数据库

相关文章:

java - JSONObject ["name"] 未找到

java - 使用通用将 x 元素从 map 复制到另一个 map

java - 为什么我应该在 addActionListener 之前定义 JLabel?

amazon-web-services - 为什么 CloudFront 会根据 Accept-Encoding 改变 CORS header 响应?

java - 如何在 Swing 中有效地绘制图像的子部分

java - AWS 免费套餐使用

ruby - 如何将自定义存储桶 URL 与 aws-sdk 结合使用

python - AWS Lambda 在 S3 存储桶上触发到 Neptune "Failed to start new load for the source"

python-3.x - boto3 - AWS lambda - 在存储桶之间复制文件

javascript - 使用 Amazon Elastic Transcoder 获取视频文件的视频分辨率

©2024 IT工具网  联系我们