使用boto3获取公共可访问的s3对象的URL,没有到期或安全信息 [英] Get url of public accessible s3 object using boto3 without expiration or security info
问题描述
运行如下一行:
s3_obj = boto3.resource('s3').Object(bucket, key)
s3_obj.meta.client.generate_presigned_url('get_object', ExpiresIn=0, Params={'Bucket':bucket,'Key':key})
产生的结果如下:
https://my-bucket.s3.amazonaws.com/my-key/my-object-name?AWSAccessKeyId=SOMEKEY&Expires=SOMENUMBER&x-amz-security-token=SOMETOKEN
对于具有 public-read
ACL的s3对象,不需要所有GET参数.
For an s3 object with public-read
ACL, all the GET params are unnecessary.
我可以欺骗并使用不带GET参数的重写URL,但这感觉很不整洁.
I could cheat and use rewrite the URL without the GET params but that feels unclean and hacky.
如何使用boto3仅向我提供公共链接,例如 https://my-bucket.s3.amazonaws.com/my-key/my-object-name
?换句话说,如何跳过 generate_presigned_url
中的签名步骤?我没有看到类似 generate_unsigned_url
函数的任何东西.
How do I use boto3 to provide me with just the public link, e.g. https://my-bucket.s3.amazonaws.com/my-key/my-object-name
? In other words, how do I skip the signing step in generate_presigned_url
? I don't see anything like a generated_unsigned_url
function.
推荐答案
我发现的最佳解决方案仍然是使用 generate_presigned_url
,只是 Client.Config.signature_version
需要设置为 botocore.UNSIGNED
.
The best solution I found is still to use the generate_presigned_url
, just that the Client.Config.signature_version
needs to be set to botocore.UNSIGNED
.
以下内容返回不带签名内容的公共链接.
The following returns the public link without the signing stuff.
config.signature_version = botocore.UNSIGNED
boto3.client('s3', config=config).generate_presigned_url('get_object', ExpiresIn=0, Params={'Bucket': bucket, 'Key': key})
关于boto3存储库的相关讨论是:
The relevant discussions on the boto3 repository are:
- https://github.com/boto/boto3/issues/110
- https://github.com/boto/boto3/issues/169
- https://github.com/boto/boto3/issues/1415
这篇关于使用boto3获取公共可访问的s3对象的URL,没有到期或安全信息的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!