Excon::Errors::Forbidden (Expected(200) <=> Actual(403 Forbidden) [英] Excon::Errors::Forbidden (Expected(200) <=> Actual(403 Forbidden)
问题描述
当我尝试将图片上传到汽车"对象时,我被拒绝访问 S3.但是自从我添加了 S3 以来,assets 文件夹中的站点图像显示得很好.我得到的具体错误是:
When I try to upload a picture to a "Car" object I'm denied access to S3. But the site images that are in the assets folder have displayed just fine since I added S3. The specific error that I get is this:
2015-02-17T14:40:48.459629+00:00 app[web.1]: Excon::Errors::Forbidden (Expected(200) <=> Actual(403 Forbidden)
2015-02-17T14:40:48.459630+00:00 app[web.1]: excon.error.response
2015-02-17T14:40:48.459635+00:00 app[web.1]: "Connection" => "close"
2015-02-17T14:40:48.459637+00:00 app[web.1]: "Content-Type" => "application/xml"
2015-02-17T14:40:48.459639+00:00 app[web.1]: "Date" => "Tue, 17 Feb 2015 14:40:48 GMT"
2015-02-17T14:40:48.459640+00:00 app[web.1]: "Server" => "AmazonS3"
2015-02-17T14:40:48.459632+00:00 app[web.1]: :body => "<?xml version="1.0" encoding="UTF-8"?>
<Error><Code>AccessDenied</Code><Message>Access Denied</Message><RequestId>2CE306ACD51F02A1</RequestId><HostId>tKLXUAKxyDFTMExl7kE+AuVVsEJOFqXh983li6N7R2UlYDXv1Z3GJRvW5zy1XIXVs2zArp310vg=</HostId></Error>"
2015-02-17T14:40:48.459642+00:00 app[web.1]: "x-amz-id-2" => ""part of secret key"="
密钥的一部分"显然被编辑了.我尝试创建不同的用户并使用新密钥,但这没有用.不是从这里去哪里.
With "part of secret key" obviously redacted. I've tried creating a different user and using new keys, but that hasn't worked. Not where to go from here.
app/uploaders/picture_uploader
class PictureUploader < CarrierWave::Uploader::Base
include CarrierWave::MiniMagick
process resize_to_limit: [400, 400]
if Rails.env.production?
storage :fog
else
storage :file
end
# Override the directory where uploaded files will be stored.
# This is a sensible default for uploaders that are meant to be mounted:
def store_dir
"uploads/#{model.class.to_s.underscore}/#{mounted_as}/#{model.id}"
end
# Add a white list of extensions which are allowed to be uploaded.
def extension_white_list
%w(jpg jpeg gif png)
end
end
carrier_wave.rb
if Rails.env.production?
CarrierWave.configure do |config|
config.fog_credentials = {
# Configuration for Amazon S3
:provider => 'AWS',
:aws_access_key_id => ENV['S3_ACCESS_KEY'],
:aws_secret_access_key => ENV['S3_SECRET_KEY']
}
config.fog_directory = ENV['S3_BUCKET']
end
end
我相信这是所有相关文件,如果还有更多要查看的文件,请告诉我.不确定指定区域或高级用户是否会有所帮助,似乎不会.
I believe that's all of the relevant files, let me know if there's more to see. Not sure if specifying a region or a power user would help, doesn't seem like it would.
推荐答案
我遇到了同样的错误,解决方案是从 AWS 管理控制台附加管理访问策略:
I was encountering the same error, and the solution was to attach administrative access policies from the AWS Management Console:
1) 通过 http://aws.amazon.com/iam/<登录 AWS 管理控制台/a>
1) Sign in to the AWS Management Console at http://aws.amazon.com/iam/
2) 单击左侧导航窗格中的策略"
2) Click "Policies" from the Navigation Pane on the left
3) 选择AdministratorAccess"策略
3) Select the "AdministratorAccess" policy
4) 点击页面顶部的策略操作 > 附加
4) Click Policy Actions > Attach at the top of the page
5) 选择与我的 S3_ACCESS_KEY、S3_SECRET_KEY 和 S3_BUCKET 关联的用户
5) Select the user associated with my S3_ACCESS_KEY, S3_SECRET_KEY, and S3_BUCKET
6) 点击附加政策"
仅在 https://console.aws.amazon.com/上授予我的存储桶中的所有权限s3/home 不够用.
这篇关于Excon::Errors::Forbidden (Expected(200) <=> Actual(403 Forbidden)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!