我尝试使用 nodeJS 获取存储在 Amazon S3 中的文件,但 AWS 拒绝访问。
AccessDenied: Access Denied at Request.extractError (/home/marc/Disco/Projects/AtlasFitness/server/node_modules/aws-sdk/lib/services/s3.js:699:35) at Request.callListeners (/home/marc/Disco/Projects/AtlasFitness/server/node_modules/aws-sdk/lib/sequential_executor.js:106:20) at Request.emit (/home/marc/Disco/Projects/AtlasFitness/server/node_modules/aws-sdk/lib/sequential_executor.js:78:10) at Request.emit (/home/marc/Disco/Projects/AtlasFitness/server/node_modules/aws-sdk/lib/request.js:688:14) at Request.transition (/home/marc/Disco/Projects/AtlasFitness/server/node_modules/aws-sdk/lib/request.js:22:10) at AcceptorStateMachine.runTo (/home/marc/Disco/Projects/AtlasFitness/server/node_modules/aws-sdk/lib/state_machine.js:14:12) at /home/marc/Disco/Projects/AtlasFitness/server/node_modules/aws-sdk/lib/state_machine.js:26:10 at Request. (/home/marc/Disco/Projects/AtlasFitness/server/node_modules/aws-sdk/lib/request.js:38:9) at Request. (/home/marc/Disco/Projects/AtlasFitness/server/node_modules/aws-sdk/lib/request.js:690:12) at Request.callListeners (/home/marc/Disco/Projects/AtlasFitness/server/node_modules/aws-sdk/lib/sequential_executor.js:116:18)
获取对象展开:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"s3:PutObject",
"s3:GetObject",
"s3:DeleteObject"
],
"Resource": "arn:aws:s3:::atlasfitness-progress-s3/*"
}
]
}
这是我的 CORS 政策:
[
{
"AllowedHeaders": [
"*"
],
"AllowedMethods": [
"PUT",
"GET",
"DELETE"
],
"AllowedOrigins": [
"*"
],
"ExposeHeaders": []
}
]
这是 NodeJS 中的代码:
import AWS from 'aws-sdk';
const s3 = new AWS.S3({
region: process.env.AWS_BUCKET_REGION,
accessKeyId: process.env.AWS_ACCESS_KEY_ID,
secretAccessKey: process.env.AWS_SECRET_ACCESS_KEY
})
export const getFileS3 = (fileKey) => {
const dowloadParams = {
Key: fileKey,
Bucket: 'atlasfitness-progress-s3'
}
return s3.getObject(dowloadParams).createReadStream()
}
如果有人知道如何修复它,我将非常感谢您的帮助,我是 AWS 的初学者。
最佳答案
您的 ACL 配置未受影响,您的策略是正确的,您没有任何限制性存储桶策略,并且您的代码对我来说看起来也非常完美。
仔细检查fileKey
是否包含对象的完整 key ,例如folder1/folder2/folder3/myFile.extension
。
具有您指定的 key 的文件可能不存在 - 请确保 fileKey
的值与对象的 key 完全匹配。
您收到 403 Access Denied
响应而不是 404 Not Found
响应的原因是您没有 s3:ListBucket
的权限- 在我的回答 here 中阅读出于安全原因 AWS 返回 403
而不是 404
的原因.
关于node.js - Amazon S3 getObject() 收到 NodeJS 拒绝的访问,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/69597144/