使用 AWS re:Post 即表示您同意 AWS re:Post 使用條款
AWS re:Postre:Post

ERROR An error occurred (AccessDenied) when calling the DeleteObject operation: Access Denied

0

my s3 IAM

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:*",
                "s3-object-lambda:*"
            ],
            "Resource": "*"
        }
    ]
}

settings.py

INSTALLED_APPS = [
    'storages',
]

DEFAULT_FILE_STORAGE = "storages.backends.s3boto3.S3Boto3Storage"

django code

def UpdateCompanyView(request):
    user = request.user
    company = user.company
    old_logo = company.logo
    if old_logo and 'logo' in serializer.validated_data and data_logo is not None:
        old_logo.delete()
    #old_logo.delete(save=False)#I've tried this also

other all actions working put, add, but deleting occurring this error

主題
安全性、身分識別與合規
標籤
AWS Identity and Access ManagementIAM 政策
語言
English
Shary Raaz
已提問 6 個月前檢視次數 331 次
1 個回答
0

Hello.

S3 bucket policy not set?
If DeleteObject is denied in the S3 bucket policy, object deletion will fail even if the IAM policy allows it.

profile picture
專家
Riku_Kobayashi
已回答 6 個月前
  • Shary Raaz
    6 個月前

    where to set it ?

    in the bucket policy i already add the same, but same error

  • Riku_Kobayashi 專家
    6 個月前

    If the IAM policy is set correctly, there is no need to set the S3 bucket policy.

  • Shary Raaz
    6 個月前

    then which policy you're talking about. the IAM policy is already set. then why i'm getting this error. please give me the solution if you know about it

  • Riku_Kobayashi 專家
    6 個月前

    Is your AWS account managed by AWS Organizations? In that case, please check whether DeleteObject is not rejected by SCP. Additionally, please make sure that "Permissions boundaries" are not set, as described in the document below. https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html?icmpid=docs_iam_console

  • Shary Raaz
    6 個月前

    when i visit SCPs

    Your request has a problem. Please see the following details. Your account is not a member of an organization.

    and Permissions boundaries are also not set

您尚未登入。 登入 去張貼答案。

一個好的回答可以清楚地回答問題並提供建設性的意見回饋,同時有助於提問者的專業成長。

回答問題指南

相關內容