boto3 s3 存儲桶標記

Question

標記存儲桶時出現訪問錯誤。 請注意，我使用的角色具有 s3 完全訪問權限。 代碼工作正常，直到這一點 -

for bucket in s3.buckets.all():
            s3_bucket = bucket
            s3_bucket_name = s3_bucket.name
            try:
                response = s3_client.get_bucket_tagging(Bucket=s3_bucket_name)
                print(response)
            except ClientError:
                print (s3_bucket_name, "does not have tags")

但添加 putTag 代碼后，即使 GetBucketTagging 操作也會出錯。 這是我的最終代碼：

for bucket in s3.buckets.all():
            s3_bucket = bucket
            s3_bucket_name = s3_bucket.name
            try:
                response = s3_client.get_bucket_tagging(Bucket=s3_bucket_name)
                print(response)
                
            except ClientError:
                print (s3_bucket_name, "does not have tags")
                bucket_tagging = s3.BucketTagging(s3_bucket_name)
                response = bucket_tagging.put(
                 Tagging={
                      'TagSet': [
                        {
                            'Key': 'pcs:name',
                            'Value': s3_bucket_name
                        },
                      ]
                    },
                )

我得到的錯誤是 -

botocore.exceptions.ClientError: An error occurred (AccessDenied) when calling the GetBucketTagging operation: Access Denied

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "tagging.py", line 91, in <module>
    tagging()
  File "tagging.py", line 71, in tagging
    'Value': s3_bucket_name
  File "/home/ec2-user/compass_backend/compass_backend/lib64/python3.7/site-packages/boto3/resources/factory.py", line 520, in do_action
    response = action(self, *args, **kwargs)
  File "/home/ec2-user/compass_backend/compass_backend/lib64/python3.7/site-packages/boto3/resources/action.py", line 83, in __call__
    response = getattr(parent.meta.client, operation_name)(*args, **params)
  File "/home/ec2-user/compass_backend/compass_backend/lib64/python3.7/site-packages/botocore/client.py", line 395, in _api_call
    return self._make_api_call(operation_name, kwargs)
  File "/home/ec2-user/compass_backend/compass_backend/lib64/python3.7/site-packages/botocore/client.py", line 725, in _make_api_call
    raise error_class(parsed_response, operation_name)
botocore.exceptions.ClientError: An error occurred (AccessDenied) when calling the PutBucketTagging operation: Access Denied

我是否傳遞了錯誤的標簽參數？ 從 Boto3 文檔本身得到這個

Answer 1

我拿出了try部分並運行了這個版本的代碼：

import boto3

s3_resource = boto3.resource('s3')

bucket_tagging = s3_resource.BucketTagging('my-bucket-name')
response = bucket_tagging.put(
        Tagging={
            'TagSet': [
            {
                'Key': 'pcs:name',
                'Value': 'stackoverflow'
            },
            ]
        },
    )

它工作得很好：

[ Amazon S3 存儲桶標簽

因此，一定有其他原因導致您的請求失敗。 您可能需要檢查 AWS CloudTrail 以查看是否有關於請求被拒絕原因的提示。

Answer 2

沒有標簽時，“get_bucket_tagging”會拋出 NoSuchTagSet。 對於測試，在運行測試之前先創建一個標簽，或者捕獲異常並創建標簽。

Answer 3

我找不到捕獲異常的方法，但是，這對我有用：

tagging_client = boto3.client('resourcegroupstaggingapi')
s3 = boto3.resource('s3')
s3_client = boto3.client('s3')
for bucket in s3.buckets.all():
     s3_bucket = bucket
     s3_bucket_name = s3_bucket.name
     bucket_tagging = s3.BucketTagging(s3_bucket_name)
     try:
        response = s3_client.get_bucket_tagging(Bucket=s3_bucket_name)
        a = response
     except ClientError:
        response = tagging_client.tag_resources(
        ResourceARNList=[
            "arn:aws:s3:::" + bucket.name
        ],
        Tags={
            'pcs:name': bucket.name
        }
      )

請注意，您需要附加到您的角色的附加“資源標記”策略。 希望這可以幫助。 干杯。

boto3 s3 存儲桶標記

問題描述

3 個解決方案

解決方案1
0 2022-09-06 04:02:00

解決方案2
0 2022-09-06 04:29:48

解決方案3
0 已采納 2022-09-08 06:41:31

boto3 s3 存儲桶標記

問題描述

3 個解決方案

解決方案1 0 2022-09-06 04:02:00

解決方案2 0 2022-09-06 04:29:48

解決方案3 0 已采納 2022-09-08 06:41:31

解決方案1
0 2022-09-06 04:02:00

解決方案2
0 2022-09-06 04:29:48

解決方案3
0 已采納 2022-09-08 06:41:31