我想让我的移动用户能够使用 Amazon Cognito 直接上传到 S3。
如果我替换以下内容:
"Resource": ["arn:aws:s3:::blinq-test/${cognito-identity.amazonaws.com:sub}/*"]
跟:
"Resource": ["arn:aws:s3:::blinq-test/*"]
一切正常,移动用户可以将数据上传到存储桶。问题是我希望每个用户都有自己的文件夹。
下面是附加到池"经过身份验证的用户"的角色策略:
{
"Version": "2012-10-17",
"Statement": [
{
"Action": ["s3:ListBucket"],
"Effect": "Allow",
"Resource": ["arn:aws:s3:::blinq-test"],
"Condition": {"StringLike": {"s3:prefix": ["${cognito-identity.amazonaws.com:sub}/*"]}}
},
{
"Action": [
"s3:GetObject",
"s3:PutObject"
],
"Effect": "Allow",
"Resource": ["arn:aws:s3:::blinq-test/${cognito-identity.amazonaws.com:sub}/*"]
}
]
}
使用上述 - 我收到以下错误:
04-13 11:27:35.754 23269-24251/com.blinq I/AmazonHttpClient﹕ Unable to execute HTTP request: Write error: ssl=0x98cdf200: I/O error during system call, Connection reset by peer
javax.net.ssl.SSLException: Write error: ssl=0x98cdf200: I/O error during system call, Connection reset by peer
at com.android.org.conscrypt.NativeCrypto.SSL_write(Native Method)
at com.android.org.conscrypt.OpenSSLSocketImpl$SSLOutputStream.write(OpenSSLSocketImpl.java:765)
at com.android.okio.Okio$1.write(Okio.java:70)
at com.android.okio.RealBufferedSink.emitCompleteSegments(RealBufferedSink.java:116)
at com.android.okio.RealBufferedSink.write(RealBufferedSink.java:44)
at com.android.okhttp.internal.http.HttpConnection$FixedLengthSink.write(HttpConnection.java:291)
at com.android.okio.RealBufferedSink.emitCompleteSegments(RealBufferedSink.java:116)
at com.android.okio.RealBufferedSink$1.write(RealBufferedSink.java:131)
at com.amazonaws.http.UrlHttpClient.write(UrlHttpClient.java:155)
at com.amazonaws.http.UrlHttpClient.createConnection(UrlHttpClient.java:143)
at com.amazonaws.http.UrlHttpClient.execute(UrlHttpClient.java:60)
at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:361)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:211)
at com.amazonaws.services.s3.AmazonS3Client.invoke(AmazonS3Client.java:3838)
at com.amazonaws.services.s3.AmazonS3Client.putObject(AmazonS3Client.java:1512)
我错过了什么?也许我的手机代码应该以某种方式将其定向到该文件夹?
它如下所示:
CognitoCachingCredentialsProvider credentialsProvider = new CognitoCachingCredentialsProvider(
context, "us-east-1:bea10200-deed-cafe-8c8c-c1b1884410aa", Regions.US_EAST_1);
Map<String, String> logins = new HashMap<String, String>();
final String accessToken = Session.getActiveSession().getAccessToken();
logins.put("graph.facebook.com", accessToken);
credentialsProvider.withLogins(logins);
TransferManager transferManager = new TransferManager(credentialsProvider);
String keyname = "test";
transferManager.upload("blinq-test", keyname, file);
答案就在上传过程本身中:
TransferManager transferManager = new TransferManager(credentialsProvider);
String keyname = credentialsProvider.getIdentityId() + "/test";
transferManager.upload("blinq-test", keyname, file);
确保上传到该用户的子文件夹