S3上传自iOS Swift - AWSS3TransferUtility不上传

Question

兄弟们，

我有一个要求，在S3上传在一个认知-未经认证+认知认证状态。

(上传应该忽略认知凭证，但可能发生在两个州)

我有一个认知身份池，为它创建了一个未经授权的角色。我也有一个认知用户池。

我有一个专用的水桶。在尝试了几次快速代码+ S3策略+角色策略之后，它无法工作。

Swift:

    class func uploadfile(fileURL: URL, s3Key: String)
    {
        let credentialsProvider = AWSStaticCredentialsProvider(accessKey: awsAccessKey, secretKey: awsSecretKey)
        //let credentialsProvider = AWSCognitoCredentialsProvider(regionType:.EUCentral1, identityPoolId:"cognito_identity_pool_id")
        
        let configuration = AWSServiceConfiguration(region:.EUCentral1, credentialsProvider:credentialsProvider)
        AWSServiceManager.default().defaultServiceConfiguration = configuration
        
        let tuConf = AWSS3TransferUtilityConfiguration()
        tuConf.isAccelerateModeEnabled = false
        
        AWSS3TransferUtility.register(
            with: configuration!,
            transferUtilityConfiguration: tuConf,
            forKey: "utility-key"
        )
        
        guard let transferUtility = AWSS3TransferUtility.s3TransferUtility(forKey: "utility-key")
        else
        {
            return
        }

        let expression = AWSS3TransferUtilityUploadExpression()
        expression.progressBlock = {(task, progress) in
            print("progress \(progress.fractionCompleted)")
        }
        
        var completionHandler: AWSS3TransferUtilityUploadCompletionHandlerBlock?
        completionHandler = { (task, error) -> Void in
            print("task finished")
        }
        
        let bucketName = "bucket name (not ARN)"
        guard let data = try? Data.init(contentsOf: fileURL)
        else
        {
            return
        }
    
        transferUtility.uploadData(data as Data, bucket: bucketName, key: s3Key, contentType: "text/plain", expression: expression,
        completionHandler: completionHandler).continueWith
        {
            (task) -> AnyObject? in
            if let error = task.error {
                print("Error: \(error.localizedDescription)")
            }
            
            if let _ = task.result {
                print ("upload successful.")
            }
            
            return nil
        }
    }

这里是桶策略：

{
    "Version": "2012-10-17",
    "Id": "PolicyID",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {
                "AWS": "ARN for Cognito Identity pool unauthorized role"
            },
            "Action": "s3:*",
            "Resource": "ARN for bucket to upload"
        }
    ]
}

以下是身份池的角色策略--未经授权的角色(在上文的桶策略中提到)：

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": "s3:*",
            "Resource": "*"
        }
    ]
}

注意：，我想限制上面的角色策略(因为这是客户未经授权的上传)，而不是完全访问，但是即使是完全访问上传也是不成功的。

我已经尝试过的：

• --上面的Swift代码--评论说，在多次调用uploadfile()时，我已经尝试过并失败了
• ，我只得到了“上传成功”。但不是“任务完成”或“进度”信息。第一次，我收到所有3条消息。
• 我已经清除了Keychain的缓存(用于模拟器)--只是为了在AWS侧更改后刷新凭据。没有结果。

谢谢您抽时间见我!

Answer 1

我用以下解决方案解决了这个问题：

桶策略：

{
    "Version": "2012-10-17",
    "Id": "PolicyID",
    "Statement": [
        {
            "Sid": "StatementID",
            "Effect": "Allow",
            "Principal": {
                "AWS": "bucket_arn"
            },
            "Action": [
                "s3:GetObject",
                "s3:PutObject"
            ],
            "Resource": "bucket_arn/*"
        }
    ]
}

与未经认证的认知角色相关的政策：

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor1",
            "Effect": "Allow",
            "Action": "s3:PutObject",
            "Resource": "bucket_arn"
        }
    ]
}

iOS代码更改为(添加了以下语句)：

tuConf.bucket = "bucket_name (not ARN, not full bucket URL, just name)"