[英]AWS S3 and Django returns "An error occurred (AccessDenied) when calling the PutObject operation"
I am trying to set up media and static files storage in an AWS S3 bucket, in a Django app, and am getting the following error when I try to run python manage.py collectstatic
to put the static files into the bucket:我正在尝试在 Django 应用程序中的 AWS S3 存储桶中设置媒体和静态文件存储,当我尝试运行
python manage.py collectstatic
以将静态文件放入存储桶时出现以下错误:
botocore.exceptions.ClientError: An error occurred (AccessDenied) when calling the PutObject operation: Access Denied
botocore.exceptions.ClientError: 调用 PutObject 操作时发生错误 (AccessDenied):拒绝访问
I am running boto3 and django storages.我正在运行 boto3 和 django 存储。 I have trawled through the other answers on here and tried the ideas in there first.
我已经浏览了这里的其他答案,并首先尝试了那里的想法。 My access key etc is correct as I can connect to SES OK.
我的访问密钥等是正确的,因为我可以连接到 SES OK。 I have CORS configured in the bucket.
我在存储桶中配置了 CORS。
My bucket policy is我的存储桶策略是
{
"Id": "Policyxxx",
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmtxxx",
"Action": "s3:*",
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::bucketname/*",
"arn:aws:s3:::bucketname"
],
"Principal": {
"AWS": [
"arn:aws:iam::xxxx:user/xxxx"
]
}
}
]
}
My IAM user has AmazonS3FullAccess as below:我的 IAM 用户具有 AmazonS3FullAccess 如下:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "s3:*",
"Resource": "*"
}
]
}
I have also tried creating my own policy and attaching that to the IAM user as follows:我还尝试创建自己的策略并将其附加到 IAM 用户,如下所示:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "s3:*",
"Resource": [
"arn:aws:s3:::bucketname",
"arn:aws:s3:::bucketname/*"
]
}
]
}
None of these work so I am clearly missing something.这些都不起作用,所以我显然错过了一些东西。
I had the same error. 我有同样的错误。 And, unlike you, I was using the right user with proper IAM policies.
并且,与您不同,我使用正确的用户使用适当的IAM策略。
In the output of : 在输出中:
python manage.py collectstatic
before the AccessDenied stack error, I could read this message from django-storage
lib : 在AccessDenied堆栈错误之前,我可以从
django-storage
lib读取此消息:
UserWarning: The default behavior of S3Boto3Storage is insecure and will change in django-storages 2.0.
UserWarning:S3Boto3Storage的默认行为是不安全的,将在django-storages 2.0中更改。 By default files and new buckets are saved with an ACL of 'public-read' (globally publicly readable).
默认情况下,文件和新存储桶使用“公共读取”(全局公开可读)的ACL保存。 Version 2.0 will default to using the bucket's ACL.
2.0版将默认使用存储桶的ACL。 To opt into the new behavior set AWS_DEFAULT_ACL = None, otherwise to silence this warning explicitly set AWS_DEFAULT_ACL.
要选择加入新行为集AWS_DEFAULT_ACL = None,否则要将此警告静默设置为显式设置AWS_DEFAULT_ACL。 "The default behavior of S3Boto3Storage is insecure and will change "
“S3Boto3Storage的默认行为是不安全的,将会改变”
This led me to try it. 这让我尝试了。
By setting : 通过设置 :
AWS_DEFAULT_ACL = None
Then, the static files were collected in the bucket. 然后,在存储桶中收集静态文件。
To allow django-admin.py collectstatic to automatically put your static files in your bucket set the following in your settings.py: 要允许django-admin.py collectstatic自动将静态文件放入存储桶,请在settings.py中设置以下内容:
STATICFILES_STORAGE = 'storages.backends.s3boto3.S3Boto3Storage'
Also, verify your S3 bucket and keys are properly configured: See an example - https://simpleisbetterthancomplex.com/tutorial/2017/08/01/how-to-setup-amazon-s3-in-a-django-project.html 此外,验证您的S3存储桶和密钥是否已正确配置:请参阅示例 - https://simpleisbetterthancomplex.com/tutorial/2017/08/01/how-to-setup-amazon-s3-in-a-django-project。 HTML
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.