I am not 100% sure about django repositories, as I use cuddly-buddly , which is based on the S3 part of the django repository. I just found cuddlybuddly easier to use and worked better, plus the name is amazing!
Anyway, I have a project using Django + S3 and found the following AWS strategy as a minimum necessary for my project:
{ "Version": "2008-10-17", "Id": "Policy123", "Statement": [ { "Sid": "Stmt123", "Effect": "Allow", "Principal": { "AWS": "arn:aws:iam::some-aws-user" }, "Action": "s3:ListBucket", "Resource": "arn:aws:s3:::bucket-name" }, { "Sid": "Stmt234", "Effect": "Allow", "Principal": { "AWS": "arn:aws:iam::some-aws-user" }, "Action": [ "s3:DeleteObject", "s3:GetObject", "s3:PutObject" ], "Resource": "arn:aws:s3:::bucket-name/*" } ] }
I have Django views that need to be loaded, retrieved, and deleted so that the relevant actions can be used / omitted based on your needs. Obviously, someone will need to change the username and bucket.
Also, for completeness, since this was not obvious to me, pay attention to the following limitations regarding AWS rules :
Maximum policy size is 20 KB
The value for the resource must have a bucket name prefix or bucket name and the path below it (bucket /). If only the bucket name is specified, without trailing /, the policy applies to the bucket.
Each policy must have a unique policy identifier (Id)
Each operator in the policy must have a unique operator identifier (sid)
Each policy should cover only one bucket and resources within this bucket (when writing a policy, do not include statements that refer to other buckets or resources in other buckets)
Finally, to anyone, do not change the date value in the Version key; Amazon uses this value to analyze the policy format.
Hope this helps!
Fiver Aug 7 '13 at 1:28 2013-08-07 01:28
source share