将文件上传到EC2实例上的S3-权限被拒绝 [英] Upload file to S3 on EC2 instance - permission denied
问题描述
因此在我的应用程序中,用户将能够将其照片上传到S3存储,然后将返回的URL持久保存到数据库中。
So in my app, users will be able to upload their photos to S3 storage, then I will persist the returned Url to database.
我遇到的问题是,当我将应用程序部署到我的Elastic Beanstalk环境中时,由于此错误,我无法再将照片存储到S3存储中我在catalina.out日志中找到的内容:
The problem that I am having is that, when I deploy the app to my Elastic Beanstalk environment, I am not able to store photos to S3 storage anymore due to this error which I found in the catalina.out log:
java.io.IOException: Permission denied
at java.io.UnixFileSystem.createFileExclusively(Native Method)
at java.io.File.createNewFile(File.java:1012)
at com.common.util.file.FileUtil.convert(FileUtil.java:17)
如何设置权限才能修复此错误?
How can I set permission so that I can fix this bug?
当我在本地主机上运行该应用程序时,便可以将文件上传到S3存储桶中。我在此链接中将此示例代码用作实现模板上传文件。
When I run the app on the localhost, then I will be able to upload the file into the S3 bucket. I used this sample code in this link as implementation template for uploading the file.
这是我用来将多部分文件转换为文件的代码:
Here is the code that I use to convert a multipart file to a file:
public File convert(MultipartFile file) throws IOException {
File convFile = new File(file.getOriginalFilename());
convFile.createNewFile(); // Cause IOException
FileOutputStream fos = new FileOutputStream(convFile);
fos.write(file.getBytes());
fos.close();
return convFile;
}
推荐答案
在您的应用程序中,不要t附加aws凭证。创建一个应具有AWS S3权限的IAM角色。使用Elastic Beanstalk启动应用程序时,将此IAM角色附加到EC2实例。
In your application, don't append the aws credentials. Create an IAM role which should have permission for AWS S3. When launching application using Elastic Beanstalk, attach this IAM role to an EC2 Instance.
您的应用程序使用IAM角色对AWS S3进行身份验证以上传图像。最好的做法是将IAM角色附加有特定权限,以通过AutoScaling组或Elastic Beanstalk或直接从EC2仪表板启动EC2实例。
Your application uses IAM role to authenticate AWS S3 to upload the images. It is a best practices to attach IAM role with specific permission for launching EC2 instance through AutoScaling group or Elastic Beanstalk or directly from EC2 dashboard.
这篇关于将文件上传到EC2实例上的S3-权限被拒绝的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
