我试图在我的AWS账户上设置dodgerCMS http://dodgercms.com/help/installation。我在尝试登录管理器时遇到以下错误。我正在寻求帮助以尝试解决问题:
manager.project.com/s3-website-us-west-1.amazonaws.com说:
拒绝访问。请确保连接到访问密钥的用户可以访问assets.project.com。
我发现了类似问题(https://github.com/ChrisZieba/dodgercms/issues/3),但解决方案并没有为我解决。
以下是我采取的步骤:
aws s3api create-bucket --bucket data.project.com --region us-west-1 --create-bucket-configuration LocationConstraint=us-west-1
{
"CORSRules": [
{
"AllowedOrigins": ["*"],
"AllowedHeaders": ["*"],
"AllowedMethods": ["HEAD", "GET", "PUT", "POST", "DELETE"],
"ExposeHeaders": ["ETag", "x-amz-meta-title", "x-amz-meta-label"]
}
]
}
aws s3api put-bucket-cors --bucket data.project.com --cors-configuration file://~/data-cors.json
aws s3api create-bucket --bucket assets.project.com --region us-west-1 --create-bucket-configuration LocationConstraint=us-west-1
{
"Statement": [
{
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::assets.project.com/*"
}
]
}
aws s3api put-bucket-policy --bucket assets.project.com --policy file://~/assets-policy.json
{
"CORSRules": [
{
"AllowedOrigins": ["*"],
"AllowedHeaders": ["*"],
"AllowedMethods": ["HEAD", "GET", "PUT", "POST", "DELETE"],
"ExposeHeaders": ["ETag"]
}
]
}
aws s3api put-bucket-cors --bucket assets.project.com --cors-configuration file://~/assets-cors.json
aws s3api create-bucket --bucket project.com --region us-west-1 --create-bucket-configuration LocationConstraint=us-west-1
aws s3 website s3://project.com/ --index-document index.html --error-document error.html
{
"Statement": [
{
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::datacoral.io/*"
}
]
}
aws s3api put-bucket-policy --bucket project.com --policy file://~/web-policy.json
{
"CORSRules": [
{
"AllowedOrigins": ["*"],
"AllowedHeaders": ["*"],
"AllowedMethods": ["HEAD", "GET", "PUT", "POST", "DELETE"],
"ExposeHeaders": ["ETag", "x-amz-meta-title", "x-amz-meta-label"]
}
]
}
aws s3api put-bucket-cors --bucket project.com --cors-configuration file://~/web-cors.json
aws s3api create-bucket --bucket manager.project.com --region us-west-1 --create-bucket-configuration LocationConstraint=us-west-1
aws s3 website s3://manager.project.com/ --index-document index.html --error-document error.html
aws --profile dccustomer s3 sync ~/dodgercms s3://manager.project.com/ --acl public-read
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmt1427944232000",
"Effect": "Allow",
"Action": [
"s3:ListBucket",
"s3:GetObject",
"s3:DeleteObject",
"s3:PutObject",
"s3:GetBucketWebsite",
"s3:PutBucketWebsite",
"s3:DeleteBucketWebsite",
"s3:GetBucketLogging",
"s3:GetBucketVersioning",
"s3:GetBucketLocation"
],
"Resource": [
"arn:aws:s3:::data.project.com",
"arn:aws:s3:::data.project.com/*",
"arn:aws:s3:::assets.project.com",
"arn:aws:s3:::assets.project.com/*",
"arn:aws:s3:::project.com",
"arn:aws:s3:::project.com/*"
]
},
{
"Effect": "Allow",
"Action": "sts:GetFederationToken",
"Resource": "*"
}
]
}
我在github上的dodgercms回购中问了同样的问题:https://github.com/ChrisZieba/dodgercms/issues/10