如何在python中公开S3存储桶 [英] How to make s3 bucket public in python

问题描述

我在Amazon s3中已经创建了一个存储桶.我想公开其内容而无需任何身份验证.我已经尝试过boto文件

I have an already created bucket in amazon s3. I want to make its content publicly available without any authentication. I have tried from documents of boto

要为存储桶设置罐头ACL，请使用Bucket对象的set_acl方法.传递给此方法的参数必须是acl.py中包含的CannedACLStrings列表中命名的四个允许的固定策略之一.例如，要使任何人都可以读取存储桶:

To set a canned ACL for a bucket, use the set_acl method of the Bucket object. The argument passed to this method must be one of the four permissable canned policies named in the list CannedACLStrings contained in acl.py. For example, to make a bucket readable by anyone:

b.set_acl('公开阅读')

b.set_acl('public-read')

它不起作用.我仍然无法公开访问我的文件.但是，将单个文件的acl设置为public-read是可行的.

It is not working. I still cant access my files publicly. However setting acl to public-read for individual files is working.

我想通过python公开它，因为我无权访问s3控制台.

I want to make it public from python as I don't have access to s3 console.

我想让整个存储桶公开可读.

I want to make whole bucket publicly readable.

我的代码是

    conn = boto.connect_s3(
        aws_access_key_id = access_key,
        aws_secret_access_key = secret_key,
        host = 's3.amazonaws.com',
        #is_secure=False,               # uncomment if you are not using ssl
        calling_format = boto.s3.connection.OrdinaryCallingFormat(),
        )
bucket = conn.get_bucket('media_library')
bucket.set_acl('public-read')

推荐答案

您将需要创建一个 Bucket Policy (桶策略)，以定义整个桶的权限.

You will need to create a Bucket Policy, which defines permissions on the bucket as a whole.

请参阅以下内容中的桶策略":

See 'Bucket Policy' in: Managing Access to S3 Resources (Access Policy Options)

您可以使用

You can do this via boto in Python with put_bucket_policy():

put_bucket_policy(** kwargs)

替换存储桶上的策略.如果该存储桶已经有一个策略，则此请求中的一个将完全替换它.

Replaces a policy on a bucket. If the bucket already has a policy, the one in this request completely replaces it.

请求语法

response = client.put_bucket_policy(Bucket='string', Policy='string')

请参见桶策略示例以查找合适的政策.

See Bucket Policy Examples to find a suitable policy.

以下是一项政策，使整个存储桶公开可读(只需插入您自己的存储桶名称):

Here is a policy that makes the whole bucket publicly readable (just insert your own bucket name):

{
  "Version":"2012-10-17",
  "Statement":[
    {
      "Sid":"AddPerm",
      "Effect":"Allow",
      "Principal": "*",
      "Action":["s3:GetObject"],
      "Resource":["arn:aws:s3:::examplebucket/*"]
    }
  ]
}

这篇关于如何在python中公开S3存储桶的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！