我使用以下策略在 AWS 上创建了一个存储桶:
{
"Version": "2012-10-17",
"Id": "Policy1677518734870",
"Statement": [
{
"Sid": "Stmt1677518732116",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::mybucket/*"
}
]
}
这个 CORS 政策:
[
{
"AllowedHeaders": [
"*"
],
"AllowedMethods": [
"PUT",
"HEAD",
"GET"
],
"AllowedOrigins": [
"*"
],
"ExposeHeaders": []
}
]
我还创建了一个具有以下权限的用户:
Actions
Write
PutObject
arn:aws:s3:::mybucket/*
但是我不知道为什么在我尝试以编程方式在 S3 上上传文件时会出现以下错误:
访问 Denied33Y81Q97VF7M310JJWjKGPIjBiQzNZfNxPAOeAzuG/LHjtZuxSt2w+UwgY=AccessDenied
PS:我使用以下代码生成临时上传链接,并使用它以编程方式在 AWS 上上传文件:
const generatePreSignedPutUrl = async() =>{
const rawBytes = await randomBytes(16);
fileName = rawBytes.toString('hex');
const params = ({
Bucket: bucketName,
Key: fileName,
Expires: 60,
});
let uploadURL;
try {
uploadURL = await s3.getSignedUrlPromise('putObject', params);
} catch (err) {
console.log(err);
return;
}
return uploadURL;
}