Sunday, March 1, 2015

Testing S3 List bucket with particular account id

I have created an S3 bucket. I have a file inside that bucket. I hosted it as a static web site. Everyone should be able to view the content of my file, and only the specified user id should be able to list the bucket elements. Following is my bucket policy.



{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "",
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::<!-- account id without hyphen -->:root"
            },
            "Action": "s3:ListBucket",
            "Resource": "arn:aws:s3:::<!-- bucket name -->"
        },
        {
            "Sid": "AddPerm",
            "Effect": "Allow",
            "Principal": "*",
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::<!-- bucket name -->/*"
        }
    ]
}


Following is my Java program to check the list of bucket content. Issues:

1) It is not listing the file present inside my bucket (I have given my own access key and secret key).
2) How to check whether the particular account id which I have given in the bucket policy has access to list the bucket content? Where to give the account id and check in the program?



package Cloud.AWS_CloudTest;

import java.io.IOException;

import com.amazonaws.AmazonClientException;
import com.amazonaws.AmazonServiceException;
import com.amazonaws.auth.AWSCredentials;
import com.amazonaws.auth.BasicAWSCredentials;
import com.amazonaws.auth.profile.ProfileCredentialsProvider;
import com.amazonaws.regions.Region;
import com.amazonaws.regions.Regions;
import com.amazonaws.services.s3.AmazonS3;
import com.amazonaws.services.s3.AmazonS3Client;
import com.amazonaws.services.s3.model.ListObjectsRequest;
import com.amazonaws.services.s3.model.ObjectListing;
import com.amazonaws.services.s3.model.S3ObjectSummary;

public class App {

    // Placeholder: replace with the real bucket name.
    private static String bucketName = "bucket name";

    public static void main(String[] args) throws IOException {
        // Placeholders: replace with the access key and secret key of the caller.
        AWSCredentials basicCredentials = new BasicAWSCredentials("access key", "secret key");
        AmazonS3 s3client = new AmazonS3Client(basicCredentials);
        s3client.setRegion(Region.getRegion(Regions.US_WEST_2));
        try {
            System.out.println("Listing objects");

            // Only keys that start with the prefix "m" are requested.
            ListObjectsRequest listObjectsRequest = new ListObjectsRequest()
                    .withBucketName(bucketName)
                    .withPrefix("m");
            ObjectListing objectListing;
            // Page through the listing until S3 reports no further results.
            do {
                objectListing = s3client.listObjects(listObjectsRequest);
                for (S3ObjectSummary objectSummary : objectListing.getObjectSummaries()) {
                    System.out.println(" - " + objectSummary.getKey() + " " +
                            "(size = " + objectSummary.getSize() +
                            ")");
                }
                listObjectsRequest.setMarker(objectListing.getNextMarker());
            } while (objectListing.isTruncated());
        } catch (AmazonServiceException ase) {
            System.out.println("Caught an AmazonServiceException, " +
                    "which means your request made it " +
                    "to Amazon S3, but was rejected with an error response " +
                    "for some reason.");
            System.out.println("Error Message: " + ase.getMessage());
            System.out.println("HTTP Status Code: " + ase.getStatusCode());
            System.out.println("AWS Error Code: " + ase.getErrorCode());
            System.out.println("Error Type: " + ase.getErrorType());
            System.out.println("Request ID: " + ase.getRequestId());
        } catch (AmazonClientException ace) {
            System.out.println("Caught an AmazonClientException, " +
                    "which means the client encountered " +
                    "an internal error while trying to communicate" +
                    " with S3, " +
                    "such as not being able to access the network.");
            System.out.println("Error Message: " + ace.getMessage());
        }
    }
}


Please tell why it's not listing and how to check the access for the particular account id I have given in the bucket policy.
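
Added example, not part of the original post: a simplified offline evaluation of the bucket policy above, showing which caller it lets list the bucket and which it lets read objects. The account id `111122223333`, the bucket name `example-bucket` and all function names are constructed for illustration; the evaluator covers only `Effect`, `Principal`, `Action` and `Resource`, and ignores `Condition` blocks, ACLs and IAM identity policies.

```python
import fnmatch

ACCOUNT_ID = "111122223333"  # constructed; the post elides the real account id
BUCKET_ARN = "arn:aws:s3:::example-bucket"  # constructed bucket name

POLICY = {  # the policy from the post with the placeholders filled in
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "", "Effect": "Allow",
         "Principal": {"AWS": f"arn:aws:iam::{ACCOUNT_ID}:root"},
         "Action": "s3:ListBucket", "Resource": BUCKET_ARN},
        {"Sid": "AddPerm", "Effect": "Allow", "Principal": "*",
         "Action": "s3:GetObject", "Resource": BUCKET_ARN + "/*"},
    ],
}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _principal_matches(principal, account_id):
    """account_id=None models an anonymous (unsigned) request."""
    if principal == "*":
        return True
    for entry in _as_list(principal.get("AWS", [])):
        # An account may be named by its root ARN or by the bare 12-digit id.
        if entry == "*" or (account_id and entry in (
                account_id, f"arn:aws:iam::{account_id}:root")):
            return True
    return False

def _any_match(value, patterns, fold_case=False):
    if fold_case:  # action names are case-insensitive, resource ARNs are not
        value, patterns = value.lower(), [p.lower() for p in _as_list(patterns)]
    return any(fnmatch.fnmatchcase(value, p) for p in _as_list(patterns))

def bucket_policy_allows(policy, account_id, action, resource):
    """Bucket policy only: an explicit Deny wins, otherwise any matching Allow."""
    allowed = False
    for stmt in _as_list(policy["Statement"]):
        if (_principal_matches(stmt["Principal"], account_id)
                and _any_match(action, stmt["Action"], fold_case=True)
                and _any_match(resource, stmt["Resource"])):
            if stmt["Effect"] == "Deny":
                return False
            allowed = True
    return allowed

if __name__ == "__main__":
    print(bucket_policy_allows(POLICY, None, "s3:ListBucket", BUCKET_ARN))
```

The result describes the bucket policy alone: `s3:ListBucket` is matched against the bucket ARN and `s3:GetObject` against object ARNs under it. An IAM user or role in an account other than the bucket owner's additionally needs an identity policy that allows the action.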




