如何将S3存储桶策略写入文件？

Question

我想从我拥有的所有s3存储桶中提取s3存储桶策略，并将其存储在各自的.json文件中。 该格式应为json。 但是，在我尝试的解决方案中，它将策略与响应元数据一起存储在文件中，而不是以jSOn格式存储。

"ResponseMetadata": {"HTTPStatusCode": 200, ...... "content-type": "application/json"}}}

可以在python / boto3中完成吗？ 这是我的代码。

try:
    s3client = get_s3Client('us-east-1')
    response = s3client.list_buckets()
    if response and response['Buckets']:
        for bucket in response['Buckets']:
            bucketName = bucket['Name']
            print (bucketName)
            policyname = policy_output + '\\' + bucketName + '.json'
            print (policyname)

            response = s3client.get_bucket_policy(
                Bucket=bucketName
            )
            print (response)
            with open(policyname, 'w') as f:
                json.dump(response, f)
                #f.write(response)

Answer 1

来自boto3 get_bucket_policy（）的响应是一个命令。 您需要检索“政策”元素。

尝试这样的事情：

import json
import boto3
from botocore.exceptions import ClientError

s3client = boto3.client('s3')
response = s3client.list_buckets()

if response and response['Buckets']:
    for bucket in response['Buckets']:
        bucketName = bucket['Name']
        print(bucketName)
        policyname = bucketName + '.json'
        print(policyname)

        try:
            response = s3client.get_bucket_policy(
                Bucket=bucketName
            )
            p = response['Policy']
            s = json.dumps(json.loads(p), indent=4)
            with open(policyname, 'w') as f:
                f.write(s)
        except ClientError as e:
            if e.response['Error']['Code'] == 'NoSuchBucketPolicy':
                pass
            else:
                print(e)