Deploy Django to AWS part 2 - Hosting Files on S3


Continued from part 1: deploy-django-to-aws.

I'm learning from this tutorial.

Set up s3 bucket

Go to and click “Create Bucket”

Once your bucket is created click on “Permissions”:

Then hit “Edit bucket policy”. This is our bucket policy:

  "Statement": [
      "Principal": {
          "AWS": "*"
      "Effect": "Allow",
      "Action": "s3:*",
      "Resource": ["arn:aws:s3:::bucket-name/*", "arn:aws:s3:::bucket-name"]

I got the policy from this Stack Overflow post.

Where cptmusicblog is the name of my bucket. Add a file and double click on it. You should be able to see it publicly. Here is a url for an image I uploaded:

Set up django to get static files from s3

Install some packages and add them to requirements.txt:

$ pip install django-storages boto
$ pip freeze > requirements.txt

Add “storages” to INSTALLED_APPS in iotd/iotd/


Then add more to

    'Expires': 'Thu, 31 Dec 2099 20:00:00 GMT',
    'Cache-Control': 'max-age=94608000',

AWS_ACCESS_KEY_ID = 'xxxxxxxxxxxxxxxxxxxx'
AWS_SECRET_ACCESS_KEY = 'yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy'

The AWS_HEADERS means that AWS tells browsers they can cache the files until 2099

which happens to be in

Get your access credentials by clicking your username dropdown > “Security credentials” > “Users”.

If you haven't created a user you have to do that. Then click Manage Access Keys. Then Create Access Key. We can only view our private key once. Download the keys as a CSV file. Keep these secret so no one exploits them by mining bitcoin on your account with your credentials (do not push them to github).

Also add these lines to

STATICFILES_STORAGE = 'storages.backends.s3boto.S3BotoStorage'

CORS configuration

Go to S3 bucket preferences and under “edit CORS configuration” paste this in:


Try it

$ python iotd/ collectstatic
$ eb deploy cptmusicblog-dev
comments powered by Disqus