默认情况下,S3 是安全的,并且一直是安全的——用户总是需要采取深思熟虑的、有目的的步骤来“意外地”公开他们的存储桶内容……但用户仍然偶尔会犯配置错误并暴露他们的存储桶。
AWS implemented two levels of anti-footgun protection, designed to make these mistakes more difficult -- there are bucket-level and acccount level settings to prevent public access to buckets, both of which need to "allow" you to do this. If either policy prevents you from making the bucket public, you'll get Access Denied
when trying to create or change a bucket policy if the system categorizes your new policy as even slightly "public."
在您继续并关闭安全装置之前,请注意系统正试图保护您免受自己的伤害。基本上没有正当理由允许*
写入或删除您的存储桶。"Principal": "*"
指任何用户,包括未经身份验证/匿名用户。
在 S3 控制台左侧导航栏中找到“此账户的公共访问设置”进行全局设置。
本文收集自互联网,转载请注明来源。
如有侵权,请联系 [email protected] 删除。
我来说两句