0

my image is uploading on s3 bucket and I added parameter ExtraArgs={"ACL":"public-read"} but my image not available for public view. here is my code:

       s3 = boto3.resource(
      's3',
       aws_access_key_id =   "" ,
       aws_secret_access_key = ""
       )
       bucket = s3.Bucket('my_bucket_name')  
       im_io.seek(0) 
       unique_uuid = str(uuid.uuid4())
       bucket.upload_fileobj(im_io,'ads_image/'+blog_title+unique_uuid +file.filename,ExtraArgs={"ACL":"public-read"})
       upload_file_url = "https://{'MY_url'}.s3.us-east-3.amazonaws.com/ads_image/"+blog_title+unique_uuid+file.filename

I also added my bucked policy and enabled public my s3 bucket. here is my bucket policy:

{
    "Version": "2012-10-17",
    "Id": "Policy16****",
    "Statement": [
        {
            "Sid": "IPAllow",
            "Effect": "Deny",
            "Principal": "*",
            "Action": [
                "s3:GetObjectAcl",
                "s3:PutObjectAcl",
                "s3:DeleteObject",
                "s3:GetObject",
                "s3:PutObject"
            ],
            "Resource": "arn:aws:s3:::bucket_name/*",
            "Condition": {
                "NotIpAddress": {
                    "aws:SourceIp": [
                        "my ip"
                    ]
                }
            }
        }
    ]
}
John Rotenstein
  • 241,921
  • 22
  • 380
  • 470
boyenec
  • 1,405
  • 5
  • 29
  • Why would it be available publicly, if you `Deny` it in your policy? – Marcin Oct 19 '22 at 04:40
  • It's will deny only s3 put object if request not coming from my server and will not deny public view – boyenec Oct 19 '22 at 04:47
  • I aslo manually uploaded few image and those images publicly available. – boyenec Oct 19 '22 at 04:48
  • 2
    Is **S3 Block Public Access** turned OFF for the bucket? Specifically, the options that relate to ACLs? Also, do you know whether the bucket was created with `Object Ownership = ACLs disabled`? You can check this in the Permissions tab. – John Rotenstein Oct 19 '22 at 05:08
  • John Rotenstein yes Block Public Access turned OFF but when trying to `Ownership = ACLs disabled` getting this error. see the screenshot https://drive.google.com/file/d/13BWh1i1QIGQzWKIPR3vlY2c4Zpd7EULo/view?usp=sharing – boyenec Oct 19 '22 at 05:13
  • @boyenec The policy has `s3:GetObject` as well, not only put. – Marcin Oct 19 '22 at 05:20
  • @Marcin what should I do now? – boyenec Oct 19 '22 at 10:12

1 Answers1

0

I solved the problems after keep all images inside an single directory before I was keeping theme like /main_folder/sub_folder

now all images I keeping theme inside an single directory and my problem solved.

boyenec
  • 1,405
  • 5
  • 29
  • Please remember to `close` the in-memory bytes buffer afterwards, as shown in [this answer](https://stackoverflow.com/a/73815575/17865804) and [this answer](https://stackoverflow.com/a/73811351/17865804), in order to release the memory. – Chris Oct 23 '22 at 07:06