Amazon S3 IAM用户可以"访问S3存储桶"

我的用户收到了消息

您无权使用Amazon S3控制台

我不明白为什么.用户属于我在此帮助下制定此策略的组Policy Generator

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "Stmt1449507915000",
            "Effect": "Allow",
            "Action": [
                "s3:*"
            ],
            "Resource": [
                "arn:aws:s3:::fouraxis"
            ]
        }
    ]
}

在Policy Generator我选择了以下内容:

效果:允许

AWS服务:Amazon S3

亚马逊资源名称(ARN):"arn:aws:s3 ::: fouraxis"

存储桶名称是 fouraxis

显然,我错过了一些东西.

S3控制台使用s3:ListAllMyBucketsAPI方法来驱动UI.您需要为用户添加此权限才能登录控制台并浏览S3.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "Stmt1449507915000",
            "Effect": "Allow",
            "Action": [
                "s3:*"
            ],
            "Resource": [
                "arn:aws:s3:::fouraxis"
            ]
        },
        {
            "Sid": "ListAllBuckets",
            "Action": "s3:ListAllMyBuckets",
            "Effect": "Allow",
            "Resource": "*"
        }
    ]
}