403禁止在EC2实例上使用Amazon S3的Django Storages css / js文件

Question

I have been googling for two days and none of the answers are resolving the issue.

The setup

AWS_S3_ACCESS_KEY_ID = 'xxxxxxx'
AWS_S3_SECRET_ACCESS_KEY = 'xxxxxxxxx'
AWS_STORAGE_BUCKET_NAME = 'my-bucket.mycompany.com'
COMPRESS_URL = 'http://{}.s3.amazon.com/'.format(AWS_STORAGE_BUCKET_NAME)
STATIC_URL = COMPRESS_URL
AWS_S3_FILE_OVERWRITE = True
AWS_S3_SECURE_URLS = True
AWS_QUERYSTRING_AUTH = False
AWS_S3_CUSTOM_DOMAIN = '{}.s3-external-3.amazonaws.com'.format(AWS_STORAGE_BUCKET_NAME)

The googling

Incorrect date/time on server : This an EC-2 instance, but even though I installed yum install ntp ntpdate ntp-doc -- NO LUCK

AWS_QUERY_STRING_AUTH : Multiple sources online say to do this, but didn't resolve my issue

AWS_QUERY_STRING_AUTH : Yet again

AWS_S3_CUSTOM_DOMAIN No luck here either

The experiment

# ON THE EC2 BOX
./manage.py shell
from boto.s3.connection import S3Connection
from django.conf import settings
conn = S3Connection(settings.AWS_S3_ACCESS_KEY_ID, settings.AWS_S3_SECRET_ACCESS_KEY)
b = conn.get_bucket('my-bucket.mycompany.com')
key = b.get_key('500.html')
print key.get_contents_as_string()  # WORKS FINE

However when I run ./manage.py compress I get

CommandError: An error occured during renderinghome_4770.html:
'https://mybucket.mycompany.com.s3-external-3.amazonaws.com/css/smoothness/jquery-ui-1.10.1.custom.css'
 isn't accessible via COMPRESS_URL    ('http://mybucket.mycompany.com.s3.amazon.com/') and can't be compressed

Before you ask, yes the file is available on that bucket. I also tried the traditional way of django-storages with offline compression, using <project-root>/static as STATIC_ROOT , then uploading the contents of ./manage.py collectstatic AND ./manage.py compress :, ie the resulting css/js and manifest_1.json files to the bucket, but in the browser, I still get 403 Forbidden on css/js files

Any ideas on what may be going on??

Answer 1

Have you set up a CORS policy on your bucket? You might also need to add a permission to allow "Everyone" to "List" objects in the bucket (although try the CORS policy first)

Edit: Here are the docs: http://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html

Answer 2

Did you check your css file metadata ( ==> File ==> Properties)?

make sure they are set as css files and not as: "binary/octet-stream"

Like AWS does sometime.

Answer 3

I had a similar problem that seems to be caused by mixing storage.CachedStaticFilesStorage with storage.backends.s3boto.S3BotoStorage .

I didn't have time to diagnose the problem (which probably involved my CACHES setup), but not using storage.CachedStaticFilesStorage with S3 fixed my issue.

I am using the django-require-s3 package and had the following settings:

DEFAULT_FILE_STORAGE = STATICFILES_STORAGE = 'require_s3.storage.OptimizedCachedStaticFilesStorage'

First solution: https://stackoverflow.com/a/19110977/1074659

# Add
AWS_QUERYSTRING_AUTH = False

Second solution:

# Alter
DEFAULT_FILE_STORAGE = STATICFILES_STORAGE = 'require_s3.storage.OptimizedStaticFilesStorage'