AWS re:Post을(를) 사용하면 다음에 동의하게 됩니다. AWS re:Post 이용 약관
AWS re:Postre:Post

The bucket does not allow ACLs

0

I take my first steps with AWS. I follow this Tutorial step by step:

Deploying a high-availability PHP application with an external Amazon RDS database to Elastic Beanstalk https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/php-ha-tutorial.html

I successfully started the environment.

When I try to upload code files I get an error: Service:Amazon S3, Message:The bucket does not allow ACLs.
Failed to deploy application.

I learned a little about ACLs. Stackoverflow recommends choosing "ACLs enable" for bucket S3. And that solves the problem, but...

But the AWS Developer Guide says: “A majority of modern use cases in Amazon S3 no longer require the use of ACLs. We recommend that you keep ACLs disabled. With ACLs disabled, you can use policies to control access to all objects in your bucket”.

How do I proceed, enable or disable ACL?

I learned a little about how I can use policies. But I didn't find a simple working example of what policies I should add.

To start, I'm trying to migrate a simple small website from other hosting.

Friends, can you share best practices or useful working examples on how to do this?

Thanks in advance!

주제
컴퓨팅스토리지
태그
AWS Elastic BeanstalkS3 선택
언어
English
Uplloyd
질문됨 일 년 전5466회 조회
1개 답변
1
수락된 답변

As the AWS developer guide says, the use of ACLs isn't recommended any more so it's worthwhile spending time learning how to use bucket policies as they give you much more, fine-grained control over who or what can access the bucket.

There are a list of example bucket policies at https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html, and several online tutorials which will explain how to use them.

As example, if you had a prefix of upload in your folder, you could allow uploads to the folder with a bucket policy similar to

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "AllowUpload",
            "Effect": "Allow",
            "Action": ["s3:PutObject"],
            "Resource": ["arn:aws:s3:::<EXAMPLEBUCKET>"],
            "Condition": {
                "StringEquals": {
                    "s3:prefix": ["upload"],

                }
            }
        }
    ]
}

you'll need to replace EXAMPLEBUCKET with your bucket name.

profile picture
Simon Hanmer
답변함 일 년 전
전문가
skinsman
검토됨 일 년 전
  • Uplloyd
    일 년 전

    Thanks for the link! How did I miss it :) Thank you Simon for the example. I will look deeper into this issue! And of course, thank you for not passing by my question. Respect to you!

로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.

좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.

질문 답변하기에 대한 가이드라인

관련 콘텐츠