通过lambda / boto3进行s3策略更新-列表索引超出范围错误
[英]s3 policy update through lambda/boto3 - list index out of range error
问题描述
I have a requirement to update S3 bucket policy (Get the current resource ARNs and append new Resource ARN). 
我需要更新S3存储桶策略(获取当前资源ARN并附加新的资源ARN)。 Here is the snippet of code: 这是代码片段:
import os
import boto3
import pprint
import json
import sys
s3 = boto3.resource('s3')
buckets = ["test090909"]
for s3b in buckets:
print("processing bucket" + s3b)
bucket = s3.Bucket(s3b)
policy = bucket.Policy()
p = json.loads(policy.policy)
print(p) # Good until here
stmt = p["Statement"][1]
print(stmt)
The output of p is as below all good until that but if I want to get Resource section then it should be stmt = p["Statement"][1] as this is dict and list index is 1 but I am getting an error IndexError: list index out of range but if I do stmt = p["Statement"][0] it returning everything. p的输出如下所示,直到此为止一切都很好,但是如果我想获取Resource节,则它应该是stmt = p["Statement"][1]因为这是字典,列表索引为1,但是我收到了一个错误IndexError: list index out of range但是如果我执行stmt = p["Statement"][0]它将返回所有内容。 I believe I am doing some thing wrong with string/json items I believe. 我相信我相信的string / json项目做错了什么。
{
u'Version': u'2012-10-17',
u'Id': u'Policy1544682557303',
u'Statement': [
{
u'Action': u's3:DeleteBucket',
u'Principal': {
u'Service': u'config.amazonaws.com'
},
u'Resource': [
u'arn:aws:s3:::test090909',
u'arn:aws:s3:::test090909/AWSLogs/111111111111/Config/*'
],
u'Effect': u'Allow',
u'Sid': u'Stmt1544682555302'
}
]
}
2 个解决方案
解决方案1
1 2018-12-16 01:31:50
it should be "stmt = p["Statement"][1]" as this is dict and list index is 1 but i am getting an error " IndexError: list index out of range" but if i do "stmt = p["Statement"][0]" it returning everything
This is not correct. 这是不正确的。 Given the json output, p["Statement"][1] doesn't exist hence the out of range error is raised. 给定json输出, p["Statement"][1]不存在,因此引发了超出范围的错误。 p["Statement"] contains only one item. p["Statement"]仅包含一项。 Using your words, p["Statement"][0] returns "everything" because it actually contains everything. 用您的话说, p["Statement"][0]返回“一切”,因为它实际上包含了所有内容。 It contains a list of Item and one of the item is a list of arn resources. 它包含一个Item列表,其中一个是arn资源列表。
There you go: 你去了:
>>print(p["Statement"][0])
[ { u'Action': u's3:DeleteBucket', u'Principal': { u'Service': u'config.amazonaws.com' }, u'Resource': [ u'arn:aws:s3:::test090909', u'arn:aws:s3:::test090909/AWSLogs/111111111111/Config/*' ], u'Effect': u'Allow', u'Sid': u'Stmt1544682555302' } ]
>>print(p["Statement"][0]["Resource"])
[ u'arn:aws:s3:::test090909', u'arn:aws:s3:::test090909/AWSLogs/111111111111/Config/*' ]
Then if you want to access one of the specific resource: 然后,如果要访问特定资源之一:
>>print(p["Statement"][0]["Resource"][0])
arn:aws:s3:::test090909
>>print(p["Statement"][0]["Resource"][1])
arn:aws:s3:::test090909/AWSLogs/111111111111/Config/*
Happy coding! 编码愉快!
解决方案2
0 2018-12-15 23:28:15
Python索引从0开始,因此p["Statement"][0]将返回该列表中的第一项。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.