如何授予S3存儲桶文件的批量權限？

Question

我有一個自定義的AMI，在使用ec2-upload-bundle時上傳失敗，但其餘項目是通過AWS控制面板上傳的。然而，這意味着大約一半的捆綁零件缺少AMI成功啓動所需的「za團隊」受讓人。我如何才能將批量的「za-team」相關的「開放/下載」權限應用到桶中缺少文件的文件中？

Answer 1

這讓我花了一段時間才發現，因爲我是Ruby的新手;但是，以下循環遍歷存儲區中的所有文件並追加文件中指定的權限。 acl.grant command上的相關SDK文檔給出了一些關於腳本正在做什麼的信息。

#!/usr/bin/ruby 

# ----------------------------------------------------------------------------- 
# This script provides a means of updating all of the files in an S3 bucket to 
# have the correct permissions. As this script is effectively throwaway it 
# doesn't do much beyond making sure it runs at least once, however, is worth 
# keeping around as a reference in the event the problem arises again. 
# ----------------------------------------------------------------------------- 
require 'rubygems' 
require 'aws-sdk' 

# The following is the Amazon ID for the za-team group which is used for EC2 
# operations in S3 buckets 
za_team = '6aa5a366c34c1cbe25dc49211496e913e0351eb0e8c37aa3477e40942ec6b97c' 

# Note the configuration points 
AWS.config({ 
    :access_key_id => '[Access Key Here]', 
    :secret_access_key => '[Secret Access Key Here]', 
}) 
bucket_name = '[Bucket Name Here]' 

# Get the bucket information 
s3 = AWS::S3.new 
bucket = s3.buckets[bucket_name] 

# Update the ACL for each item in the bucket 
bucket.objects.each do |object| 
    puts object.key 
    acl = object.acl 
    acl.grant(:read). 
     to(:canonical_user_id => za_team) 
    object.acl = acl.to_xml 
end