[英]Access client's AWS S3 bucket
We are asked to upload a file to client's S3 bucket;我们被要求将文件上传到客户的 S3 存储桶; however, we do not have AWS account (nor we plan on getting one).
但是,我们没有 AWS 账户(我们也不打算获得一个)。 What is the easiest way for the client to grant us access to their S3 bucket?
客户授予我们访问其 S3 存储桶的权限的最简单方法是什么?
My recommendation would be for your client to create an IAM user for you that is used for the upload.我的建议是让您的客户为您创建一个用于上传的 IAM 用户。 Then, you will need to install the AWS cli .
然后,您将需要安装 AWS cli 。 On your client's side there will be a user that the only permission they have is to write to their bucket.
在您的客户端,将有一个用户,他们拥有的唯一权限是写入他们的存储桶。 This can be done pretty simply and will look something like:
这可以很简单地完成,看起来像:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"s3:PutObject"
],
"Resource": [
"arn:aws:s3:::the-bucket-name/*",
"arn:aws:s3:::the-bucket-name"
]
}
]
}
I have not thoroughly tested the above permissions!我没有彻底测试过上面的权限!
Then, on your side, after you install the AWS cli you need to have two files.然后,在您这边,安装 AWS cli 后,您需要有两个文件。 They both live in the home directory of the user that runs your script.
它们都位于运行脚本的用户的主目录中。 The first is
$HOME/.aws/config
.第一个是
$HOME/.aws/config
。 This has something like:这有类似的东西:
[default]
output=json
region=us-west-2
You will need to ask them what AWS region the bucket is in. Next is $HOME/.aws/credentials
.您需要询问他们存储桶所在的 AWS 区域。接下来是
$HOME/.aws/credentials
。 This will contain something like:这将包含以下内容:
[default]
aws_access_key_id=the-access-key
aws_secret_access_key=the-secret-key-they-give-you
They must give you the region, the access key, the secret key, and the bucket name.他们必须为您提供区域、访问密钥、密钥和存储桶名称。 With all of this you can now run something like:
有了这一切,你现在可以运行类似的东西:
aws s3 cp local-file-name.ext s3://the-client-bucket/destination-file-name.ext
This will transfer the local file local-file-name.ext
to the bucket the-client-bucket
with the file name there of destination-file-name.ext
.这会将本地文件
local-file-name.ext
传输到存储桶the-client-bucket
,其中的文件名为destination-file-name.ext
。 They may have a different path in the bucket.它们在存储桶中可能有不同的路径。
To recap:回顾一下:
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.