堆栈内存溢出
  简体   繁体   English

AWS S3 和 Django 返回“调用 PutObject 操作时发生错误 (AccessDenied)”

[英]AWS S3 and Django returns "An error occurred (AccessDenied) when calling the PutObject operation"

 原文  2018-02-10 15:27:44       django/ amazon-web-services/ amazon-s3

问题描述

I am trying to set up media and static files storage in an AWS S3 bucket, in a Django app, and am getting the following error when I try to run python manage.py collectstatic to put the static files into the bucket:我正在尝试在 Django 应用程序中的 AWS S3 存储桶中设置媒体和静态文件存储,当我尝试运行python manage.py collectstatic以将静态文件放入存储桶时出现以下错误:

botocore.exceptions.ClientError: An error occurred (AccessDenied) when calling the PutObject operation: Access Denied botocore.exceptions.ClientError: 调用 PutObject 操作时发生错误 (AccessDenied):拒绝访问

I am running boto3 and django storages.我正在运行 boto3 和 django 存储。 I have trawled through the other answers on here and tried the ideas in there first.我已经浏览了这里的其他答案,并首先尝试了那里的想法。 My access key etc is correct as I can connect to SES OK.我的访问密钥等是正确的,因为我可以连接到 SES OK。 I have CORS configured in the bucket.我在存储桶中配置了 CORS。

My bucket policy is我的存储桶策略是

{
"Id": "Policyxxx",
"Version": "2012-10-17",
"Statement": [
    {
        "Sid": "Stmtxxx",
        "Action": "s3:*",
        "Effect": "Allow",
        "Resource": [
            "arn:aws:s3:::bucketname/*",
            "arn:aws:s3:::bucketname"
        ],
        "Principal": {
            "AWS": [
                "arn:aws:iam::xxxx:user/xxxx"
            ]
        }
    }
]
}

My IAM user has AmazonS3FullAccess as below:我的 IAM 用户具有 AmazonS3FullAccess 如下:

{
"Version": "2012-10-17",
"Statement": [
    {
        "Effect": "Allow",
        "Action": "s3:*",
        "Resource": "*"
    }
]
}

I have also tried creating my own policy and attaching that to the IAM user as follows:我还尝试创建自己的策略并将其附加到 IAM 用户,如下所示:

{
"Version": "2012-10-17",
"Statement": [
    {
        "Effect": "Allow",
        "Action": "s3:*",
        "Resource": [
            "arn:aws:s3:::bucketname",
            "arn:aws:s3:::bucketname/*"
        ]
    }
]
}

None of these work so I am clearly missing something.这些都不起作用,所以我显然错过了一些东西。

1 个解决方案

解决方案1
 20  2018-11-22 18:00:42

I had the same error. 我有同样的错误。 And, unlike you, I was using the right user with proper IAM policies. 并且,与您不同,我使用正确的用户使用适当的IAM策略。

In the output of : 在输出中: 

python manage.py collectstatic

before the AccessDenied stack error, I could read this message from django-storage lib : 在AccessDenied堆栈错误之前,我可以从django-storage lib读取此消息:

UserWarning: The default behavior of S3Boto3Storage is insecure and will change in django-storages 2.0. UserWarning:S3Boto3Storage的默认行为是不安全的,将在django-storages 2.0中更改。 By default files and new buckets are saved with an ACL of 'public-read' (globally publicly readable). 默认情况下,文件和新存储桶使用“公共读取”(全局公开可读)的ACL保存。 Version 2.0 will default to using the bucket's ACL. 2.0版将默认使用存储桶的ACL。 To opt into the new behavior set AWS_DEFAULT_ACL = None, otherwise to silence this warning explicitly set AWS_DEFAULT_ACL. 要选择加入新行为集AWS_DEFAULT_ACL = None,否则要将此警告静默设置为显式设置AWS_DEFAULT_ACL。 "The default behavior of S3Boto3Storage is insecure and will change " “S3Boto3Storage的默认行为是不安全的,将会改变”

This led me to try it. 这让我尝试了。

By setting : 通过设置 : 

AWS_DEFAULT_ACL = None

Then, the static files were collected in the bucket. 然后,在存储桶中收集静态文件。

解决方案2
 1  2018-02-10 15:42:09

To allow django-admin.py collectstatic to automatically put your static files in your bucket set the following in your settings.py: 要允许django-admin.py collectstatic自动将静态文件放入存储桶,请在settings.py中设置以下内容: 

STATICFILES_STORAGE = 'storages.backends.s3boto3.S3Boto3Storage'

Also, verify your S3 bucket and keys are properly configured: See an example - https://simpleisbetterthancomplex.com/tutorial/2017/08/01/how-to-setup-amazon-s3-in-a-django-project.html 此外,验证您的S3存储桶和密钥是否已正确配置:请参阅示例 - https://simpleisbetterthancomplex.com/tutorial/2017/08/01/how-to-setup-amazon-s3-in-a-django-project。 HTML

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 [Django][AWS S3] botocore.exceptions.clienterror 调用 PutObject 操作时发生错误(访问被拒绝) - [Django][AWS S3] botocore.exceptions.clienterror an error occurred (accessdenied) when calling the PutObject operation botocore.exceptions.ClientError:调用PutObject操作时发生错误(AccessDenied):访问被拒绝 - botocore.exceptions.ClientError: An error occurred (AccessDenied) when calling the PutObject operation: Access Denied AWS Lambda,调用 PutObject 操作时发生错误 (InvalidToken):提供的令牌格式错误或无效 - AWS Lambda, An error occurred (InvalidToken) when calling the PutObject operation: The provided token is malformed or otherwise invalid (DJANGO + S3) + ZAPPA 调用 HeadObject 操作时发生错误 (400): Bad Request - (DJANGO + S3) + ZAPPA An error occurred (400) when calling the HeadObject operation: Bad Request Django 收集 static S3 调用 HeadObject 操作时发生错误(403):禁止访问 - Django collect static S3 An error occurred (403) when calling the HeadObject operation: Forbidden Django/AWS - 调用 HeadObject 操作时发生错误(403):禁止 - Django/AWS - An error occurred (403) when calling the HeadObject operation: Forbidden 调用 PutObject 操作时获取 (InvalidArgument):无 - getting (InvalidArgument) when calling the PutObject operation: None 在 Django 项目中引用 static 文件夹路径时,AWS S3 存储桶返回 403 错误 - AWS S3 bucket returns 403 error when referencing a static folder path in Django project 使用 django-storages 和 boto3 在 Django 中调用 CreateMultipartUpload 操作时出现 AccessDenied - AccessDenied when calling the CreateMultipartUpload operation in Django using django-storages and boto3 如何将Django .html指向S3媒体文件? 拒绝访问 - How to point Django .html to S3 media file? AccessDenied
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM