![](/img/trans.png)
[英]How to access a shared S3 bucket (shared through ACL) from the grantee's account
[英]How to add an ACL grantee for an AWS S3 bucket?
到目前為止,我可以從文檔中遵循什么,您可以獲得並放置 S3 存儲桶的整個 ACL(訪問控制列表)。
獲取規格描述您獲得所有現有的贈款。
把規范描述你需要寫回整個 ACL 對象。
但是如果我只想插入一個新的受贈者怎么辦? (理想情況下不要檢索 ACL 中的所有授權才能做到這一點)
對我而言,以下工作(仍不確定是否所有贈款都已轉移):
grant = {
'Grantee': {
'DisplayName': grantee_id,
'ID': grantee_canonical_user_id,
'Type': 'CanonicalUser'
},
'Permission': 'FULL_CONTROL'
}
acl.grants.append(grant)
acl.put(
AccessControlPolicy={
'Grants': acl.grants,
'Owner': {
'ID': owner_canonical_user_id
}
})
一個完整的例子是這樣的:
s3_resource = boto3.resource('s3')
s3_bucket = s3_resource.Bucket("bucket_name")
bucket_acl = s3_bucket.Acl()
grant_write = {
"Grantee": {
"ID": "CANONICAL ID",
"Type": "CanonicalUser"
},
"Permission": "WRITE"
}
grant_read = {
"Grantee": {
"ID": "CANONICAL ID",
"Type": "CanonicalUser"
},
"Permission": "READ"
}
grant_read_acp = {
"Grantee": {
"ID": "CANONICAL ID",
"Type": "CanonicalUser"
},
"Permission": "READ_ACP"
}
bucket_acl.grants.append(grant_write)
bucket_acl.grants.append(grant_read)
bucket_acl.grants.append(grant_read_acp)
s3_acl_response = bucket_acl.put(
AccessControlPolicy={
"Grants": bucket_acl.grants,
"Owner": {
"DisplayName": "OWNER Account",
"ID": "OWNER CANONICAL ID"
}
})
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.