小贝子编程

AWS:Boto3 启用 S3 版本控制/生命周期 - 访问被拒绝



我正在尝试向 boto3 传递存储桶名称列表,并让它首先在每个存储桶上启用版本控制,然后在每个存储桶上启用生命周期策略。

我已经完成了 aws 配置,并且确实有两个配置文件,都是具有所有必要权限的当前活动用户配置文件。 我想使用的那个被命名为"默认"。

import boto3

# Create session
s3 = boto3.resource('s3')
# Bucket list
buckets = ['BUCKET-NAME']
# iterate through list of buckets
for bucket in buckets:
    # Enable Versioning
    bucketVersioning = s3.BucketVersioning('bucket')
    bucketVersioning.enable()
    # Current lifecycle configuration
    lifecycleConfig = s3.BucketLifecycle(bucket)
    lifecycleConfig.add_rule={
        'Rules': [
            {
                'Status': 'Enabled',
                'NoncurrentVersionTransition': {
                    'NoncurrentDays': 7,
                    'StorageClass': 'GLACIER'
                },
                'NoncurrentVersionExpiration': {
                    'NoncurrentDays': 30
                }
            }
        ]
    }

    # Configure Lifecycle
    bucket.configure_lifecycle(lifecycleConfig)

print "Versioning and lifecycle have been enabled for buckets."

当我运行它时,出现以下错误:

Traceback (most recent call last):
  File "putVersioning.py", line 27, in <module>
    bucketVersioning.enable()
  File "/usr/local/lib/python2.7/dist-packages/boto3/resources/factory.py", line 520, in do_action
    response = action(self, *args, **kwargs)
  File "/usr/local/lib/python2.7/dist-packages/boto3/resources/action.py", line 83, in __call__
    response = getattr(parent.meta.client, operation_name)(**params)
  File "/home/user/.local/lib/python2.7/site-packages/botocore/client.py", line 253, in _api_call
    return self._make_api_call(operation_name, kwargs)
  File "/home/user/.local/lib/python2.7/site-packages/botocore/client.py", line 557, in _make_api_call
    raise error_class(parsed_response, operation_name)
botocore.exceptions.ClientError: An error occurred (AccessDenied) when calling the PutBucketVersioning operation: Access Denied

我的个人资料具有完全权限,所以这应该不是问题。传递凭据还需要执行其他操作吗?谢谢大家!

要设置版本控制状态,您必须是存储桶拥有者。

上述语句的意思是 - 要使用 PutBucketVersioning 操作来启用版本控制,您必须是存储桶的所有者。

使用以下命令检查存储桶的拥有者。如果您是存储桶的拥有者,您应该能够将版本控制状态设置为已启用/已挂起

aws s3api get-bucket-acl --bucket yourBucketName

好的,概念任务是正确的; 但是,似乎我也通过引用一个变量在我的代码中搞砸了:

bucketVersioning = s3.BucketVersioning('bucket')

应该是

bucketVersioning = s3.BucketVersioning(bucket)

相关内容

最新更新


热门标签:

javascript python java c# php android html jquery c++ css ios sql mysql arrays asp.net json python-3.x ruby-on-rails .net sql-server django objective-c excel regex ruby linux ajax iphone xml vba spring asp.net-mvc database wordpress string postgresql wpf windows xcode bash git oracle list vb.net multithreading eclipse algorithm macos powershell visual-studio image forms numpy scala function api selenium