f6827a9a8e
On many buckets, we use s3://bucket/path to separate environments because AWS used to have a really low limit on the number of buckets we could have, and we wanted to share them across environments. If you combine this with an IAM policy that only allows you access to the s3://bucket/path that you "own", then get_bucket fails. http://boto.cloudhackers.com/en/stable/ref/s3.html#boto.s3.connection.S3Connection.get_bucket The HEAD appears to be similar to get_all_keys which requires ListObjects on the bucket with no conditions. django-storages (Which is what we write new S3 access in) actually always passes validate=False unless you're allowing it to create buckets for you (which we never do). https://github.com/jschneier/django-storages/blob/1.4.1/storages/backends/s3boto.py#L320-L334