Amazon CloudFront使用签名的URL返回403

时间:2016-11-21 18:32:17

标签: python amazon-web-services amazon-s3 amazon-cloudfront boto3

所以我现在已经坚持这个问题了很长一段时间。我一直在尝试使用CloudFront签名的URL设置对s3资源的私人访问权限,但我不断得到以下回报。

请求:

DECLARE @Table AS TABLE (DateString NVARCHAR(25))
INSERT INTO @Table VALUES
('20160101')
,('20160230')

;WITH cte AS (
    SELECT
       DateString
       ,ISDATE(DateString) as IsDate
       ,TRY_CONVERT(DATE,DateString,112) as DateFieldTryConvert
       ,CASE WHEN ISDATE(DateString) = 1 THEN CAST(DateString AS DATE) END as DateFieldCaseExpression
    FROM
       @Table
)

SELECT
    *
    ,FORMAT(DateFieldCaseExpression, 'yyyymmdd') as DateFormatedToString
    ,CONVERT(VARCHAR(10),DateFieldCaseExpression,112) as DateConvertedToString
FROM
    cte

响应:

GET /index.html?Expires=1483228800&Signature=lhsrX7PhDWB55DUgv4kWHE9iAn1oamnus3RfDvb~X3EEAGwoEPLcMpXho~Pss2gSDTSUDFRSllZfvV3EOlOQMhixY9D036nx0rMYsqiSnl09jgKypVZGYcVVlPFqr-8~h2fduC2QjDjakMicM1TvQehCAat1cZGh1bp68KZQKO5iBiyw52xkYyvkVdUjN1l1m0W6-dnTWEOZWQIOlIX6bV8l0GHUwOpwjeQA28-bA2X7wwGeAXvYkGs5YIamBWi98O-z44vXq8k4o1d8Ce8WqLCRdoHbC6WHgOvrx9uhDQwzXIYq2u1OboJe3i8ojWKwKcGYUoR-TbBbcz3Idzfflw__&Key-Pair-Id=APKAI5QZNATBCXWPT7LA HTTP/1.1
Host: d6x4svdsauc7c.cloudfront.net
Cache-Control: no-cache

请求:

<?xml version="1.0" encoding="UTF-8"?><Error><Code>AccessDenied</Code><Message>Access denied</Message></Error>

content-length →110
content-type →text/xml
date →Mon, 21 Nov 2016 15:51:13 GMT
server →CloudFront
status →403
via →1.1 940b367f846b05ee5d0f25268ff80731.cloudfront.net (CloudFront)
x-amz-cf-id →rbSd5kfPq3fn0TbI-asrdZcweOFubqVqhEl28AytWgrva6wZiJZclQ==
x-cache →Error from cloudfront

响应:

GET /8994c9b6-933e-4016-a5bd-cc6c9720b170/9ccc0c6e-e1c5-4448-91a6-7899f2ebc67a.jpeg?Expires=1483228800&Signature=LreSylF4zpo3ZxXSzShTl44emepfLGHyHssSC0GvPf99TDDwytAWk4l8NtPteyU-cY679nZPFIIVtijshP99hs5kmpNyqqH~24pfE681bPLsQ8~~YeKVNmY5otgr6Ov2FYFWpR5i5uH6weja494isQsoe~2hk6-2ryqCowrKFrO2XyAjNfsP3A~VPT3REGlOL3LcA3A4rbK1H2VL9f8HVxmaL56qny7S4uXAfNaMWhEXuxFyZIaFIAotaVNYxNW5265vwUWPxcUvG4dib7YW2ZzfaEHbNngjbLJBzO~4jjAz8bw-Tj~LX45bF2gSN-JLXdESthyiI8plg65a758gPQ__&Key-Pair-Id=APKAI5QZNATBCXWPT7LA HTTP/1.1
Host: d6x4svdsauc7c.cloudfront.net
Cache-Control: no-cache

我的存储桶策略看起来像是,我已删除了我的存储桶名称和原始访问标识ID:

<?xml version="1.0" encoding="UTF-8"?><Error><Code>AccessDenied</Code><Message>Access denied</Message></Error>

content-length →110
content-type →text/xml
date →Mon, 21 Nov 2016 15:53:15 GMT
server →CloudFront
status →403
via →1.1 940b367f846b05ee5d0f25268ff80731.cloudfront.net (CloudFront)
x-amz-cf-id →93RY4Sv7dQgsFBMJG8UOEOXKhq06kc6MgpqueR_NeHyl3916kH5gwQ==
x-cache →Error from cloudfront

正如你所看到的,我总是得到403回来。当我关闭签名的网址时,它按预期工作。我使用Python来签署网址。我的代码与找到的示例代码here几乎相同。任何帮助将不胜感激!

0 个答案:

没有答案