阅读背景:

AWS S3 Java SDK:创建具有content-length-range的策略

来源:互联网 

I've been using the AWS Java SDK to create policy documents (as opposed to creating the policy JSON directly). I've been able to create a basic policy that has key prefix requirements, but I can't figure out how to build in file size requirements. I've seen this come through as a JSON array in samples:

我一直在使用AWS Java SDK来创建策略文档(而不是直接创建策略JSON)。我已经能够创建一个具有密钥前缀要求的基本策略,但我无法弄清楚如何构建文件大小要求。我在样本中看到这是一个JSON数组:

['content-length-range', 0, 1024]

But I can't seem to be able to do this programmatically, with the Java SDK. Browsing through the classes and docs don't seem to give a good hint either.

但是我似乎无法使用Java SDK以编程方式执行此操作。浏览类和文档似乎也没有提供良好的提示。

Is anyone doing this currently? What does the code look like?

有人这样做吗?代码是什么样的?

2 个解决方案

#1


You can make use of the NumericCondition class for adding the desired conditions to your s3 policy.

您可以使用NumericCondition类为s3策略添加所需的条件。

For example, you could use a policy like this:

例如,您可以使用以下策略:

    Policy policy = new Policy().withStatements(
        new Statement(Effect.Allow)
        .withActions(S3Actions.PutObject)
        .withResources(new Resource("arn:aws:s3:::foo_bucket"))
        .withConditions(
            new NumericCondition(NumericComparisonType.NumericLessThanEquals, "s3:content-length-range", "1024"),
            new NumericCondition(NumericComparisonType.NumericGreaterThan, "s3:content-length-range", "0")
        )
    );

Note that you need to prefix the key (content-length-range) with s3: to construct a valid policy.

请注意,您需要在密钥(content-length-range)前加上s3:前缀以构造有效的策略。

The policy generated from the code above looks like this, in Json:

在Json中,上面代码生成的策略如下所示:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "1",
      "Effect": "Allow",
      "Action": [
        "s3:PutObject"
      ],
      "Resource": [
        "arn:aws:s3:::foo_bucket"
      ],
      "Condition": {
        "NumericGreaterThan": {
          "s3:content-length-range": [
            "0"
          ]
        },
        "NumericLessThanEquals": {
          "s3:content-length-range": [
            "1024"
          ]
        }
      }
    }
  ]
}

#2


Looks like what I want to do can't be done (the condition keys don't exist for it). There is a different type of policy called a Browser Upload policy that can have this type of condition though. Link below:

看起来我想做的事情无法完成(条件键不存在)。有一种称为浏览器上载策略的不同类型的策略可以具有此类条件。下方链接:

Amazon S3. Maximum object size

亚马逊S3。最大对象大小


分享到: