Setting specific permission in amazon s3 boto bucket
I have a bucket called 'ben-bucket' inside that bucket I have multiple files. I want to be able to set permissions for each file URL. I'm not too sure but I'm assuming if I wanted URL for each file inside a bucket. My URL would be like this?
https://ben-bucket.s3.amazonaws.com/<file_name>
So basically, I want to set a public access to that URL. How would I do it? I tried this and it doesn't work
bucket = s3.Bucket('ben-bucket').Object('db.sqlite')
bucket.BucketAcl('public-read')
print bucket_acl
The code provided. db.sqlite is one of the files inside my bucket ben-bucket The code doesn't work. I want to be able to access the following URL publicly
https://ben-bucket.s3.amazonaws.com/db.sqlite
The code I provided doesn't set the permission to public-read.
By default, all objects in Amazon S3 are private. You can then add permissions so that people can access your objects. This can be done via:
If you wish to grant public access to your entire bucket, the simiplest option is to create a Bucket Policy like this (from Bucket Policy Examples]:
{
"Version":"2012-10-17",
"Statement":[
{
"Sid":"AddPerm",
"Effect":"Allow",
"Principal": "*",
"Action":["s3:GetObject"],
"Resource":["arn:aws:s3:::MY-BUCKET/*"]
}
]
}
If you wish to grant public access only to a sub-directory within the bucket, use:
{
"Version":"2012-10-17",
"Statement":[
{
"Sid":"AddPerm",
"Effect":"Allow",
"Principal": "*",
"Action":["s3:GetObject"],
"Resource":["arn:aws:s3:::MY-BUCKET/PATH/*"]
}
]
}
Yes, you could also set the permissions on each individual file. The code for that would be:
import boto3
s3 = boto3.resource('s3')
object = s3.Bucket('ben-bucket').Object('db.sqlite')
object.Acl().put(ACL='public-read')
Reference: Boto3 S3 access controls
链接地址: http://www.djcxy.com/p/93546.html