使用boto3获取公共可访问的s3对象的URL，没有到期或安全信息 [英] Get url of public accessible s3 object using boto3 without expiration or security info

问题描述

运行如下一行:

s3_obj = boto3.resource('s3').Object(bucket, key)
s3_obj.meta.client.generate_presigned_url('get_object', ExpiresIn=0, Params={'Bucket':bucket,'Key':key})

产生的结果如下:

https://my-bucket.s3.amazonaws.com/my-key/my-object-name?AWSAccessKeyId=SOMEKEY&Expires=SOMENUMBER&x-amz-security-token=SOMETOKEN

对于具有 public-read ACL的s3对象，不需要所有GET参数.

For an s3 object with public-read ACL, all the GET params are unnecessary.

我可以欺骗并使用不带GET参数的重写URL，但这感觉很不整洁.

I could cheat and use rewrite the URL without the GET params but that feels unclean and hacky.

如何使用boto3仅向我提供公共链接，例如 https://my-bucket.s3.amazonaws.com/my-key/my-object-name ?换句话说，如何跳过 generate_presigned_url 中的签名步骤?我没有看到类似 generate_unsigned_url 函数的任何东西.

How do I use boto3 to provide me with just the public link, e.g. https://my-bucket.s3.amazonaws.com/my-key/my-object-name? In other words, how do I skip the signing step in generate_presigned_url? I don't see anything like a generated_unsigned_url function.

推荐答案

我发现的最佳解决方案仍然是使用 generate_presigned_url ，只是 Client.Config.signature_version 需要设置为 botocore.UNSIGNED .

The best solution I found is still to use the generate_presigned_url, just that the Client.Config.signature_version needs to be set to botocore.UNSIGNED.

以下内容返回不带签名内容的公共链接.

The following returns the public link without the signing stuff.

config.signature_version = botocore.UNSIGNED
boto3.client('s3', config=config).generate_presigned_url('get_object', ExpiresIn=0, Params={'Bucket': bucket, 'Key': key})

关于boto3存储库的相关讨论是:

The relevant discussions on the boto3 repository are:

• https://github.com/boto/boto3/issues/110
• https://github.com/boto/boto3/issues/169
• https://github.com/boto/boto3/issues/1415

这篇关于使用boto3获取公共可访问的s3对象的URL，没有到期或安全信息的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！