Setting specific permission in amazon s3 boto bucket

I have a bucket called 'ben-bucket' inside that bucket I have multiple files. I want to be able to set permissions for each file URL. I'm not too sure but I'm assuming if I wanted URL for each file inside a bucket. My URL would be like this?

https://ben-bucket.s3.amazonaws.com/<file_name>

So basically, I want to set a public access to that URL. How would I do it? I tried this and it doesn't work

    bucket = s3.Bucket('ben-bucket').Object('db.sqlite')
    bucket.BucketAcl('public-read')
    print bucket_acl

The code provided. db.sqlite is one of the files inside my bucket ben-bucket The code doesn't work. I want to be able to access the following URL publicly

https://ben-bucket.s3.amazonaws.com/db.sqlite

The code I provided doesn't set the permission to public-read.


By default, all objects in Amazon S3 are private. You can then add permissions so that people can access your objects. This can be done via:

  • Access Control List permissions on individual objects
  • A Bucket Policy that grants wide-ranging access based on path, IP address, referrer, etc
  • IAM Users and Groups that grant permissions to Users with AWS credentials
  • Pre-Signed URLs
  • If you wish to grant public access to your entire bucket, the simiplest option is to create a Bucket Policy like this (from Bucket Policy Examples]:

    {
      "Version":"2012-10-17",
      "Statement":[
        {
          "Sid":"AddPerm",
          "Effect":"Allow",
          "Principal": "*",
          "Action":["s3:GetObject"],
          "Resource":["arn:aws:s3:::MY-BUCKET/*"]
        }
      ]
    }
    

    If you wish to grant public access only to a sub-directory within the bucket, use:

    {
      "Version":"2012-10-17",
      "Statement":[
        {
          "Sid":"AddPerm",
          "Effect":"Allow",
          "Principal": "*",
          "Action":["s3:GetObject"],
          "Resource":["arn:aws:s3:::MY-BUCKET/PATH/*"]
        }
      ]
    }
    

    Yes, you could also set the permissions on each individual file. The code for that would be:

    import boto3
    s3 = boto3.resource('s3')
    object = s3.Bucket('ben-bucket').Object('db.sqlite')
    object.Acl().put(ACL='public-read')
    

    Reference: Boto3 S3 access controls

    链接地址: http://www.djcxy.com/p/93546.html

    上一篇: 如何使用boto3在s3上通过url访问图片?

    下一篇: 在amazon s3 boto bucket中设置特定权限