Setting specific permission in amazon s3 boto bucket

 

I have a bucket called 'ben-bucket' inside that bucket I have multiple files. I want to be able to set permissions for each file URL. I'm not too sure but I'm assuming if I wanted URL for each file inside a bucket. My URL would be like this? 

https://ben-bucket.s3.amazonaws.com/<file_name>

So basically, I want to set a public access to that URL. How would I do it? I tried this and it doesn't work 

    bucket = s3.Bucket('ben-bucket').Object('db.sqlite')
    bucket.BucketAcl('public-read')
    print bucket_acl

The code provided. db.sqlite is one of the files inside my bucket ben-bucket The code doesn't work. I want to be able to access the following URL publicly 

https://ben-bucket.s3.amazonaws.com/db.sqlite

The code I provided doesn't set the permission to public-read.

By default, all objects in Amazon S3 are private. You can then add permissions so that people can access your objects. This can be done via:

  • Access Control List permissions on individual objects
  • A Bucket Policy that grants wide-ranging access based on path, IP address, referrer, etc
  • IAM Users and Groups that grant permissions to Users with AWS credentials
  • Pre-Signed URLs

    • If you wish to grant public access to your entire bucket, the simiplest option is to create a Bucket Policy like this (from Bucket Policy Examples]: 

    {
  "Version":"2012-10-17",
  "Statement":[
    {
      "Sid":"AddPerm",
      "Effect":"Allow",
      "Principal": "*",
      "Action":["s3:GetObject"],
      "Resource":["arn:aws:s3:::MY-BUCKET/*"]
    }
  ]
}

    If you wish to grant public access only to a sub-directory within the bucket, use: 

    {
  "Version":"2012-10-17",
  "Statement":[
    {
      "Sid":"AddPerm",
      "Effect":"Allow",
      "Principal": "*",
      "Action":["s3:GetObject"],
      "Resource":["arn:aws:s3:::MY-BUCKET/PATH/*"]
    }
  ]
}

    Yes, you could also set the permissions on each individual file. The code for that would be: 

    import boto3
s3 = boto3.resource('s3')
object = s3.Bucket('ben-bucket').Object('db.sqlite')
object.Acl().put(ACL='public-read')

    Reference: Boto3 S3 access controls

    链接地址: http://www.djcxy.com/p/93546.html

    上一篇: 如何使用boto3在s3上通过url访问图片?

    下一篇: 在amazon s3 boto bucket中设置特定权限