爲什麼我的S3通過Carrierwave上傳Fog失敗，因爲默認情況下切換到公共狀態？

我試圖配置CarrierWave，以便S3上傳將公開。爲什麼我的S3通過Carrierwave上傳Fog失敗，因爲默認情況下切換到公共狀態？

所以我改變了我原來的配置設置：

config.fog_credentials = { 
    :provider    => 'AWS', 
    :aws_access_key_id  => ENV['AWS_ACCESS_KEY_ID'], 
    :aws_secret_access_key => ENV['AWS_SECRET_ACCESS_KEY'], 
    :region     => 'eu-west-1' 
} 
config.fog_directory = 'com-blabla-bloblo' 
config.fog_public  = false 
config.fog_attributes = {'Cache-Control'=>'max-age=315576000'}

只需設置：

config.fog_public  = true

由於這種變化，我不能上傳圖片更多得到以下錯誤：

2015-07-21T12:41:39.868983+00:00 app[web.1]: Excon::Errors::Forbidden (Expected(200) <=> Actual(403 Forbidden) 
2015-07-21T12:41:39.868984+00:00 app[web.1]: excon.error.response 
2015-07-21T12:41:39.868986+00:00 app[web.1]: :body   => "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<Error><Code>AccessDenied</Code><Message>Access Denied</Message><RequestId>XXX</RequestId><HostId>YYY</HostId></Error>" 
2015-07-21T12:41:39.868987+00:00 app[web.1]: :headers  => { 
2015-07-21T12:41:39.868988+00:00 app[web.1]:  "Connection"  => "close" 
2015-07-21T12:41:39.868989+00:00 app[web.1]:  "Content-Type"  => "application/xml" 
2015-07-21T12:41:39.868991+00:00 app[web.1]:  "Date"    => "Tue, 21 Jul 2015 12:41:38 GMT" 
2015-07-21T12:41:39.868992+00:00 app[web.1]:  "Server"   => "AmazonS3" 
2015-07-21T12:41:39.868993+00:00 app[web.1]:  "x-amz-id-2"  => "ZZZ" 
2015-07-21T12:41:39.868994+00:00 app[web.1]:  "x-amz-request-id" => "ZZZ" 
2015-07-21T12:41:39.868995+00:00 app[web.1]: } 
2015-07-21T12:41:39.868997+00:00 app[web.1]: :local_address => "aaa.bbb.ccc.ddd" 
2015-07-21T12:41:39.868998+00:00 app[web.1]: :local_port => 41659 
2015-07-21T12:41:39.868999+00:00 app[web.1]: :reason_phrase => "Forbidden" 
2015-07-21T12:41:39.869000+00:00 app[web.1]: :remote_ip  => "aaa.bbb.ccc.ddd" 
2015-07-21T12:41:39.869001+00:00 app[web.1]: :status  => 403 
2015-07-21T12:41:39.869002+00:00 app[web.1]:): 
2015-07-21T12:41:39.869004+00:00 app[web.1]: app/controllers/image_uploads_controller.rb:25:in `create'

我懷疑這與我的AWS用戶的IAM配置文件有關：

{ 
    "Version": "2012-10-17", 
    "Statement": [ 
    { 
     "Effect": "Allow", 
     "Action": ["s3:ListBucket"], 
     "Resource": ["arn:aws:s3:::com-foo-bar"] 
    }, 
    { 
     "Effect": "Allow", 
     "Action": [ 
     "s3:PutObject", 
     "s3:GetObject", 
     "s3:DeleteObject" 
     ], 
     "Resource": ["arn:aws:s3:::com-foo-bar/*"] 
    } 
    ] 
}

該應用的主持人是Heroku。

任何想法如何解決這個問題？

來源

2015-07-21 Dirty Henry

看來，這個政策解決的事情：

{ 
    "Statement": [ 
     { 
      "Action": "s3:*", 
      "Effect": "Allow", 
      "Resource": [ 
       "arn:aws:s3:::com-foo-bar", 
       "arn:aws:s3:::com-foo-bar/*" 
      ], 
      "Condition": {} 
     }, 
     { 
      "Effect": "Allow", 
      "Action": "s3:ListAllMyBuckets", 
      "Resource": "arn:aws:s3:::*", 
      "Condition": {} 
     } 
    ] 
}

來源

2015-07-30 14:20:12

爲什麼我的S3通過Carrierwave上傳Fog失敗，因爲默認情況下切換到公共狀態？

回答

相關問題