如何解决Artifactory HA s3-storage-v3 权限问题
使用最新的 helm chart 4.7.6 和最新的 artifactory build 7.12.6,我已经使用 S3V3 设置了后端。
我的 binarystore.xml 配置如下:
<provider id="s3-storage-v3" type="s3-storage-v3">
<testConnection>false</testConnection>
<region>us-east-1</region>
<bucketName>example-development-artifactory</bucketName>
<path>artifactory/filestore</path>
<endpoint>s3.us-east-1.amazonaws.com</endpoint>
<maxConnections>50</maxConnections>
<useInstanceCredentials>true</useInstanceCredentials>
<refreshCredentials>true</refreshCredentials>
<roleName>arn:aws:iam::<redacted>:role/artifactory-k8s-s3-role</roleName>
<usePresigning>false</usePresigning>
<signatureExpirySeconds>300</signatureExpirySeconds>
<kmsServerSideEncryptionKeyId>alias/development-artifactory-s3</kmsServerSideEncryptionKeyId>
<property name="s3service.server-side-encryption" value="aws:kms"></property>
</provider>
我不得不手动编辑此文件以输入许多值,因为舵图似乎不尊重我设置的覆盖值。
在 Artifactory 日志中,我收到了错误:
021-01-28T21:50:04.365Z [jfrt ] [ERROR] [7b2ddbde9c2d661d] [.c.EventualDownstreamWorker:74] [-cluster-s3-worker-2] - EventualDownstreamWorker caught error while operating on actions for sha1 1f210f9518d447d88bcfe69956ae04a9eee5ef66:
com.amazonaws.services.s3.model.AmazonS3Exception: Forbidden (Service: Amazon S3; Status Code: 403; Error Code: 403 Forbidden; Request ID: 9C984900E360C286; S3 Extended Request ID: 2VKwlNzoHrFAt3PF4ysuCzUEhh619NebawfUjAOJXNwrsd3wz/XqgFO63nGmfsR4DvuEIQ2zNWo=; Proxy: null)
Github https://github.com/jfrog/charts/issues/839 上有一个未解决的问题,但据说已经修复。
有谁知道我可以测试为什么我会遇到这些不断的拒绝问题的方法?谢谢!
角色政策:
{
"Version": "2012-10-17","Statement": [
{
"Action": "*","Effect": "Allow","Resource": "*"
}
]
}
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。
