本文介绍了django存储对s3 IAM用户需要哪些权限?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
问题是,锁定的s3 IAM用户成功使用django-storage的最低要求是多少?目前我已经使用了一些类似于
As the question asks, what are the minimum required permissions for a locked down s3 IAM user to use django-storages successfully? At the present time I've used something like
{
"Statement": [
{
"Effect": "Allow",
"Action": ["s3:ListAllMyBuckets"],
"Resource": "arn:aws:s3:::*"
},
{
"Effect": "Allow",
"Action": ["s3:ListBucket",
"s3:GetBucketLocation",
"s3:ListBucketMultipartUploads",
"s3:ListBucketVersions"],
"Resource": "arn:aws:s3:::bucket-name"
},
{
"Effect": "Allow",
"Action": ["s3:*Object*",
"s3:ListMultipartUploadParts",
"s3:AbortMultipartUpload"],
"Resource": "arn:aws:s3:::bucket-name/*"
}
]
}
其实可能是过度的。任何进一步的想法?
Which may actually be overkill. Any further ideas?
推荐答案
Fiver的答案不足以在django-storages中运行collectstatic。我使用jvc26做的一切,除了s3:ListAllMyBuckets。我会假设s3:ListBucketVersions也不需要。
Fiver's answer is not enough to run collectstatic in django-storages. I used everything jvc26 did except for s3:ListAllMyBuckets. I would assume s3:ListBucketVersions is not needed either.
{
"Statement": [
{
"Effect": "Allow",
"Action": ["s3:ListBucket",
"s3:GetBucketLocation",
"s3:ListBucketMultipartUploads",
"s3:ListBucketVersions"],
"Resource": "arn:aws:s3:::bucket-name"
},
{
"Effect": "Allow",
"Action": ["s3:*Object*",
"s3:ListMultipartUploadParts",
"s3:AbortMultipartUpload"],
"Resource": "arn:aws:s3:::bucket-name/*"
}
]
}
这篇关于django存储对s3 IAM用户需要哪些权限?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!