mjgiarlo
commented
7 years ago Thoughts, @eefahy @bbranan @jcoyne @cbeer ?
Closed dbernstein closed 7 years ago
mjgiarlo
commented
7 years ago Thoughts, @eefahy @bbranan @jcoyne @cbeer ?
bbranan
commented
7 years ago Thanks for pointing this out Danny. We had set ACLs on the bucket to give read access, but those permissions don't automatically apply to content in the bucket. I've added a bucket permissions policy which does apply to all content. So any files placed in that bucket are now available for anyone to download without needing to set a policy on the individual item, which I believe is the goal. You should be all set.
I was trying to run the stack today and ran into a failure that I traced back to "Access Denied" responses when trying to download fcrepo-webapp-4.8.0-SNAPSHOT.war from hybox-deployment-artifacts. On further investigation I noticed that running
aws s3 sync s3://hybox-deployment-artifacts/ . --exclude "*" --include "fcrepo-webapp*"resulted in fcrepo-webapp-4.5.1.war succeeding while fcrepo-webapp-4.6.0.war, fcrepo-webapp-4.7.1.war, and fcrepo-webapp-4.8.0-SNAPSHOT.war failed. It suggests the world readable permissions are being set on a file by file basis. Perhaps the whole bucket should be public?