AWS Installation Problems
Access Denied and Other Permissions Problems
First make sure these permissions are available:
s3:PutObject
s3:GetObject
s3:ListBucket
s3:ListAllMyBuckets
s3:HeadBucket
Example Policy JSON for debug
IF that is not working use this policy to test. You can add back in other blocks and bucket limits later.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "s3:*",
"Resource": "*"
}
]
}
AWS Permissions issues checklist
- Works in Console or Command Line Interface (CLI)?
- Copy and paste and credentials are correct?
NOTE If AWS Installation Credentials were changed you must restart Diffgram Service to load them. Installation Only (Not Connections). - Correctly configured in general, eg Users, Roles etc.
- DIFFGRAM_STATIC_STORAGE_PROVIDER = 'aws'
You may see this error surfaced or it may require looking at logs (eg Docker / Diffgram Walrus )
SignatureDoesNotMatch
Error Connecting to S3: Please check you have read permissions on the S3 bucket.
The request signature we calculated does not match the signature you provided. Check your key and signing method.
There are different regions that don't support the default signature from boto3.
Solution 1 - Set IS_DIFFGRAM_S3_V4_SIGNATURE
Set
IS_DIFFGRAM_S3_V4_SIGNATURE=True
Or during install answer yes to 'Use AWS Signature Version 4?[Y/n]`
Solution 2 - Change Region
Change your S3 region. Change to any region (most do) that support default boto3 signatures. List of supported regions.
Blob Access X-Amz-Expires must be less then a week
Set time less then 7 days
See #968
Updated over 2 years ago