[英]s3 policy update through lambda/boto3 - list index out of range error
I have a requirement to update S3 bucket policy (Get the current resource ARNs and append new Resource ARN). 我需要更新S3存储桶策略(获取当前资源ARN并附加新的资源ARN)。 Here is the snippet of code: 这是代码片段:
import os
import boto3
import pprint
import json
import sys
s3 = boto3.resource('s3')
buckets = ["test090909"]
for s3b in buckets:
print("processing bucket" + s3b)
bucket = s3.Bucket(s3b)
policy = bucket.Policy()
p = json.loads(policy.policy)
print(p) # Good until here
stmt = p["Statement"][1]
print(stmt)
The output of p
is as below all good until that but if I want to get Resource section then it should be stmt = p["Statement"][1]
as this is dict and list index is 1 but I am getting an error IndexError: list index out of range
but if I do stmt = p["Statement"][0]
it returning everything. p
的输出如下所示,直到此为止一切都很好,但是如果我想获取Resource节,则它应该是stmt = p["Statement"][1]
因为这是字典,列表索引为1,但是我收到了一个错误IndexError: list index out of range
但是如果我执行stmt = p["Statement"][0]
它将返回所有内容。 I believe I am doing some thing wrong with string/json items I believe. 我相信我相信的string / json项目做错了什么。
{
u'Version': u'2012-10-17',
u'Id': u'Policy1544682557303',
u'Statement': [
{
u'Action': u's3:DeleteBucket',
u'Principal': {
u'Service': u'config.amazonaws.com'
},
u'Resource': [
u'arn:aws:s3:::test090909',
u'arn:aws:s3:::test090909/AWSLogs/111111111111/Config/*'
],
u'Effect': u'Allow',
u'Sid': u'Stmt1544682555302'
}
]
}
it should be "stmt = p["Statement"][1]" as this is dict and list index is 1 but i am getting an error " IndexError: list index out of range" but if i do "stmt = p["Statement"][0]" it returning everything 它应该是“ stmt = p [“ Statement”] [1]“,因为这是字典,列表索引为1,但是我收到一个错误“ IndexError:列表索引超出范围”,但是如果我执行“ stmt = p [”语句“] [0]”返回所有内容
This is not correct. 这是不正确的。 Given the json
output, p["Statement"][1]
doesn't exist hence the out of range error is raised. 给定json
输出, p["Statement"][1]
不存在,因此引发了超出范围的错误。 p["Statement"]
contains only one item. p["Statement"]
仅包含一项。 Using your words, p["Statement"][0]
returns "everything" because it actually contains everything. 用您的话说, p["Statement"][0]
返回“一切”,因为它实际上包含了所有内容。 It contains a list of Item and one of the item is a list of arn resources. 它包含一个Item列表,其中一个是arn资源列表。
There you go: 你去了:
>>print(p["Statement"][0])
[ { u'Action': u's3:DeleteBucket', u'Principal': { u'Service': u'config.amazonaws.com' }, u'Resource': [ u'arn:aws:s3:::test090909', u'arn:aws:s3:::test090909/AWSLogs/111111111111/Config/*' ], u'Effect': u'Allow', u'Sid': u'Stmt1544682555302' } ]
>>print(p["Statement"][0]["Resource"])
[ u'arn:aws:s3:::test090909', u'arn:aws:s3:::test090909/AWSLogs/111111111111/Config/*' ]
Then if you want to access one of the specific resource: 然后,如果要访问特定资源之一:
>>print(p["Statement"][0]["Resource"][0])
arn:aws:s3:::test090909
>>print(p["Statement"][0]["Resource"][1])
arn:aws:s3:::test090909/AWSLogs/111111111111/Config/*
Happy coding! 编码愉快!
Python索引从0开始,因此p["Statement"][0]
将返回该列表中的第一项。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.