堆栈内存溢出
  简体   繁体   English

AWS S3 存储桶,上传的图像文件只有在手动设置个别 object 权限为公共后才能访问

[英]AWS S3 bucket , uploaded image files are accessible only after setting individual object permission to public manually

 原文  2020-06-23 11:30:44       amazon-web-services/ amazon-s3

问题描述

I have created a bucket & after image uploaded from my website development server it store as XML file, If I go to bucket and make it public manually it becomes available to all and I am able to get that file.我已经创建了一个存储桶,并且在从我的网站开发服务器上传图像后,它将存储为 XML 文件,如果我将 go 存储到存储桶中并手动将其公开,则它可供所有人使用,并且我可以获取该文件。

What might be the problem here?这里可能有什么问题?

setting each uploaded file to public as below将每个上传的文件设置为公开,如下所示在此处输入图像描述

I set access= objects can be public我设置access= objects can be public

Block all public access = False

CORS CONFIGURATION CORS 配置

<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
    <AllowedOrigin>*</AllowedOrigin>
    <AllowedMethod>GET</AllowedMethod>
    <AllowedMethod>POST</AllowedMethod>
    <AllowedMethod>PUT</AllowedMethod>
    <AllowedMethod>DELETE</AllowedMethod>
    <ExposeHeader>ETag</ExposeHeader>
    <ExposeHeader>x-amz-meta-custom-header</ExposeHeader>
    <AllowedHeader>*</AllowedHeader>
</CORSRule>
</CORSConfiguration>

INITIAL ERROR WHEN TRYING TO ACCESS THE UPLOADED IMAGE尝试访问上传的图像时出现初始错误

This XML file does not appear to have any style information associated with it. The document tree is shown below.
<Error>
<Code>InvalidRequest</Code>
<Message>The authorization mechanism you have provided is not supported. Please use AWS4-HMAC-SHA256.</Message>
<RequestId>XX</RequestId>
<HostId>XXZjXX</HostId>
</Error>

2 个解决方案

解决方案1
 1  2020-06-23 11:33:24

The setting itself is to allow them the ability to be public.设置本身就是允许他们公开的能力。

If you want all objects (or those with a specific prefix) then take a look at create a S3 bucket policy that allows the S3:GetObject permission.如果您想要所有对象(或具有特定前缀的对象),请查看创建允许S3:GetObject权限的 S3 存储桶策略。

An example of this bucket policy is available here . 此处提供了此存储桶策略的示例。

解决方案2
 1 已采纳  2020-06-23 11:36:24

If I go to bucket and make it public manually it becomes available to all and I am able to get that file.如果我将 go 存储到桶中并手动将其公开,则所有人都可以使用它,并且我可以获取该文件。 What might be the problem here?这里可能有什么问题?

You don't have to do it manually.您不必手动操作。 Instead, to automatically make all objects in your bucket publicly readable, a bucket policy can be added:相反,要自动使存储桶中的所有对象公开可读,可以添加存储桶策略

For example:例如:

{
  "Version":"2012-10-17",
  "Statement":[
    {
      "Sid":"PublicRead",
      "Effect":"Allow",
      "Principal": "*",
      "Action":["s3:GetObject"],
      "Resource":["arn:aws:s3:::<your-bucket-name>/*"]
    }
  ]
}

You will also need to keep block public access settings disabled.您还需要禁用阻止block public access settings

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 通过AWS CLI同步后,AWS S3存储桶中的文件不公开 - Files in aws s3 bucket are not public after they are synced by aws cli 在Laravel中上传后将AWS S3文件权限设置为公开 - Setting aws s3 file permission to public after upload in Laravel AWS S3 对象加密 + 可公开访问? - AWS S3 Object encryption + public accessible? s3存储桶中的我的映像可供公众访问,这不应该是 - My image in s3 bucket is accessible to public which is not supposed to be AWS S3 存储桶文件夹文件和子文件夹使用 php 授予公共权限 - AWS S3 bucket folder files and sub folder give public permission using php 具有公共访问权限将对象保存在AWS S3存储桶中 - Save objects in AWS S3 bucket with public access permission 使用 aws cli 将 S3 object url 上传到存储桶后,如何获取它? - How to get S3 object url after it's been uploaded to a bucket using aws cli? 仅可从我的 ElasticBeanStalk 实例访问 AWS S3 存储桶 - AWS S3 Bucket Accessible from my ElasticBeanStalk Instance only 上传的文件在我的项目和 AWS S3 存储桶中重复 - Uploaded files duplicated in my project and AWS S3 bucket 使用Public-Accessible S3存储桶时,如何与其他Public-Accessible S3存储桶和对象名称不冲突? - When using Public-Accessible S3 buckets, how are there not collisions with other Public-Accessible S3 bucket and object names?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM