问题描述
我是 django-storages 的新手,我对其 AWS_DEFAULT_ACL 设置变量的用途感到困惑。我认为当它设置为 None
时,我的 AWS S3 存储桶上的存储桶策略将得到遵守。这似乎确实是真的。
我已关闭对我的存储桶的公开访问,并使用以下存储桶策略:
{
"Version": "2012-10-17","Id": "Policy1621539673651","Statement": [
{
"Sid": "Stmt1621539665305","Effect": "Allow","Principal": {
"AWS": "arn:aws:iam::063896663644:user/mylogin"
},"Action": [
"s3:Getobject","s3:GetobjectAcl","s3:PutObject","s3:PutObjectAcl"
],"Resource": "arn:aws:s3:::mybucket/*"
},{
"Sid": "Stmt1621539600741","Principal": {
"AWS": "*"
},"Action": "s3:Getobject","Resource": "arn:aws:s3:::mybucket/static/*"
}
]
}
我可以运行 python manage.py collectstatic
并且它可以毫无问题地上传文件。
但是,如果我将 AWS_DEFAULT_ACL 更改为 'public-read'
,我在运行 collectstatic 时会出错。
copying '/Users/dylan/Dev/myapp/static/css/bootstrap-datetimepicker.css'
Traceback (most recent call last):
File "/Users/dylan/Dev/myapp/./manage.py",line 15,in <module>
execute_from_command_line(sys.argv)
File "/Users/dylan/.local/share/virtualenvs/myapp-MCS7ouoX/lib/python3.9/site-packages/django/core/management/__init__.py",line 401,in execute_from_command_line
utility.execute()
File "/Users/dylan/.local/share/virtualenvs/myapp-MCS7ouoX/lib/python3.9/site-packages/django/core/management/__init__.py",line 395,in execute
self.fetch_command(subcommand).run_from_argv(self.argv)
File "/Users/dylan/.local/share/virtualenvs/myapp-MCS7ouoX/lib/python3.9/site-packages/django/core/management/base.py",line 330,in run_from_argv
self.execute(*args,**cmd_options)
File "/Users/dylan/.local/share/virtualenvs/myapp-MCS7ouoX/lib/python3.9/site-packages/django/core/management/base.py",line 371,in execute
output = self.handle(*args,**options)
File "/Users/dylan/.local/share/virtualenvs/myapp-MCS7ouoX/lib/python3.9/site-packages/django/contrib/staticfiles/management/commands/collectstatic.py",line 194,in handle
collected = self.collect()
File "/Users/dylan/.local/share/virtualenvs/myapp-MCS7ouoX/lib/python3.9/site-packages/django/contrib/staticfiles/management/commands/collectstatic.py",line 118,in collect
handler(path,prefixed_path,storage)
File "/Users/dylan/.local/share/virtualenvs/myapp-MCS7ouoX/lib/python3.9/site-packages/django/contrib/staticfiles/management/commands/collectstatic.py",line 355,in copy_file
self.storage.save(prefixed_path,source_file)
File "/Users/dylan/.local/share/virtualenvs/myapp-MCS7ouoX/lib/python3.9/site-packages/django/core/files/storage.py",line 52,in save
return self._save(name,content)
File "/Users/dylan/.local/share/virtualenvs/myapp-MCS7ouoX/lib/python3.9/site-packages/storages/backends/s3boto3.py",line 447,in _save
obj.upload_fileobj(content,ExtraArgs=params)
File "/Users/dylan/.local/share/virtualenvs/myapp-MCS7ouoX/lib/python3.9/site-packages/boto3/s3/inject.py",line 619,in object_upload_fileobj
return self.Meta.client.upload_fileobj(
File "/Users/dylan/.local/share/virtualenvs/myapp-MCS7ouoX/lib/python3.9/site-packages/boto3/s3/inject.py",line 539,in upload_fileobj
return future.result()
File "/Users/dylan/.local/share/virtualenvs/myapp-MCS7ouoX/lib/python3.9/site-packages/s3transfer/futures.py",line 106,in result
return self._coordinator.result()
File "/Users/dylan/.local/share/virtualenvs/myapp-MCS7ouoX/lib/python3.9/site-packages/s3transfer/futures.py",line 265,in result
raise self._exception
File "/Users/dylan/.local/share/virtualenvs/myapp-MCS7ouoX/lib/python3.9/site-packages/s3transfer/tasks.py",line 126,in __call__
return self._execute_main(kwargs)
File "/Users/dylan/.local/share/virtualenvs/myapp-MCS7ouoX/lib/python3.9/site-packages/s3transfer/tasks.py",line 150,in _execute_main
return_value = self._main(**kwargs)
File "/Users/dylan/.local/share/virtualenvs/myapp-MCS7ouoX/lib/python3.9/site-packages/s3transfer/upload.py",line 694,in _main
client.put_object(Bucket=bucket,Key=key,Body=body,**extra_args)
File "/Users/dylan/.local/share/virtualenvs/myapp-MCS7ouoX/lib/python3.9/site-packages/botocore/client.py",line 386,in _api_call
return self._make_api_call(operation_name,kwargs)
File "/Users/dylan/.local/share/virtualenvs/myapp-MCS7ouoX/lib/python3.9/site-packages/botocore/client.py",line 705,in _make_api_call
raise error_class(parsed_response,operation_name)
botocore.exceptions.ClientError: An error occurred (AccessDenied) when calling the PutObject operation: Access Denied
- AWS_DEFAULT_ACL 是否仅在您创建存储桶时使用 向所有人公开?
- 如果设置,它是否将给定的 ACL(例如
'public-read'
)应用到 上传的文件? - 设置
'public-read'
后,我可以不运行 collectstatic 吗?
[我正在探索这一切,因为我是 having troubles making my static files available to all,想知道 AWS_DEFAULT_ACL 是否有帮助。]
文档没有帮助,我对系统的工作方式感到非常困惑,正如您可能知道的那样......
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)