为什么我可以从本地主机上传到AWS S3,而不能从AWS Elastic BeanStalk实例上传到AWS S3? [英] Why am I able to upload to AWS S3 from my localhost, but not from my AWS Elastic BeanStalk instance?
问题描述
我正在使用AWS Credentials *连接到我的AWS S3.
I'm using AWS Credentials* to connect to my AWS S3.
final AmazonS3 s3 = new AmazonS3Client(
new AWSStaticCredentialsProvider(new BasicAWSCredentials("accessKey*",
"secretKey")));
s3.setRegion(Region.US_West.toAWSRegion());
s3.setEndpoint("s3-us-west-1.amazonaws.com");
我可以从本地主机上载图像,并且由于启用了版本控制,因此我可以在下一行获得versionId.
From my localhost, I'm able to upload image and since I have versioning enabled, I get versionId back for following line.
versionId = s3.putObject(new PutObjectRequest("bucketName", name, convFile)).getVersionId();
PS 3:上面的代码被包装在try-catch块中,并且catch块将其打印出来
PS 3: Above piece of code is wrapped in a try-catch block and the catch block prints this
You failed to upload fileName => fileName.jpeg (Permission denied)
但是,如果我从ElasticBeanStalk执行相同的代码,则会得到versionId = null,并且图像不会上传到S3.
But if I execute the same code from my ElasticBeanStalk, I get versionId=null and the image is not uploaded to S3.
我没有看到凭证异常.
I don't see credentials exception.
-
- 当我在Users(在IAM下)中搜索accessKey时,我意识到它没有分配给任何用户.
- When I searched the accessKey in Users(under IAM), I realized its not assigned to any user.
阅读所有文档后,我创建了两个用户. 我创建的一个小组下一个,另一个没有小组.
After reading all docs, I created two users. One under a group which I created, another without a group.
我使用了那些用户的accessKey,但仍然无法将图像上传到S3.
I used accessKey of those users and still I'm not able to uploaded image to S3.
这是我的存储桶策略的样子 创建两个用户之后
This is how my bucket policy looks like After creating the two users
{ "Version": "2012-10-17", "Id": "Policy1", "Statement": [ { "Sid": "Stmt1", "Effect": "Allow", "Principal": { "AWS": "arn:aws:iam::someNumnber:user/username" }, "Action": "s3:*", "Resource": "arn:aws:s3:::bucketName" } ] }在创建两个用户之前(当localhost成功将映像上传到S3时,以下设置已经就绪)
Before creating two users (and the following set up was in place when localhost successfully uploads image to S3)
{ "Version": "2012-10-17", "Id": "Policy15", "Statement": [ { "Sid": "Stmt1", "Effect": "Allow", "Principal": "*", "Action": "s3:*", "Resource": [ "arn:aws:s3:::bcktName", "arn:aws:s3:::bcktName/*" ] } ] }我在四个晚上都对这个问题感到震惊. 请帮我. 我不使用Boto或其他任何东西. 它是直接上传到tomcat的战争文件,该文件必须将图像上传到S3.它可以在localhost上运行,但不能在S3上运行.
I'm totally struck on this issue for 4 evenings. Please help me. I don't use boto or any other stuff. Its a straight forward war file uploaded to tomcat, which has to upload images to S3. It works in localhost, but not in S3.
PS:这是我的CORS配置的样子
PS: This is how my CORS configuration look
<?xml version="1.0" encoding="UTF-8"?> <CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <CORSRule> <AllowedOrigin>*</AllowedOrigin> <AllowedMethod>GET</AllowedMethod> <AllowedMethod>POST</AllowedMethod> <MaxAgeSeconds>20000</MaxAgeSeconds> <ExposeHeader>ETag</ExposeHeader> <ExposeHeader>x-amz-server-side-encryption</ExposeHeader> <ExposeHeader>x-amz-request-id</ExposeHeader> <ExposeHeader>x-amz-id-2</ExposeHeader> <AllowedHeader>*</AllowedHeader> </CORSRule> </CORSConfiguration>PS 2:
我应该在访问控制列表中做任何事情吗?到目前为止,我看到所有者帐户与整个AWS的用户名相同.我认为从本地工作的访问密钥和秘密密钥也与所有者帐户有关.
Should I do anything in Access Control list? As of now, I see the owner account is same as username of my entire AWS. I think The access key and secret key that works from local also related to owner account.
推荐答案
在Web配置文件中检查您的AWSAccessKey和AWSSecretKey. Aws API使用这些凭据登录到您的s3.
check your AWSAccessKey and AWSSecretKey in web config file. Aws API uses these credentials to login into your s3.
同样的问题也出现在我身上,我通过执行此操作解决了该问题.
this same issue appeared to me as well, I solved it by doing this.
希望这对任何人都有帮助.
Hope that this would help anybody.
这篇关于为什么我可以从本地主机上传到AWS S3,而不能从AWS Elastic BeanStalk实例上传到AWS S3?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
