1
我正在循環訪問存儲桶中的所有對象ACL,以從所有對象中刪除「Everyone」權限。這裏的想法是保留所有當前的權限。使用.NET API從aws s3對象ACL中刪除「Everyone」
我的問題是PutACL調用不起作用。在下面的例子中,創建了一個新的AccessControlList,省略了「everyone」條目。 PutACL調用成功返回,但對象的ACL未更改。
也許有更簡單的方法來識別和刪除特定的贈款。
AmazonS3Client s3 = new AmazonS3Client();
GetACLRequest aclRequest = new GetACLRequest() { BucketName = "my-bucket", Key = "/dir/protect_me.txt" };
var aclResponse = s3.GetACL(aclRequest);
bool foundEveryonePriv = false; //if found at least one.
S3AccessControlList newAcl = new S3AccessControlList();
foreach (var grant in aclResponse.AccessControlList.Grants)
{
bool grantToEveryone = string.Compare(grant.Grantee.URI, "http://acs.amazonaws.com/groups/global/AllUsers") == 0;
Logger.log.InfoFormat("{0},{1},{2},{3}", aclRequest.BucketName, o.Key, grant.Permission, (everyoneHasThisPriv ? "EVERYONE" : string.Empty));
if (grantToEveryone)
{
foundEveryonePriv = true;
newAcl.AddGrant(grant.Grantee, grant.Permission);
}
}
//modify the items if necessary and requested.
if (foundEveryonePriv)
{
newAcl.Owner = aclResponse.AccessControlList.Owner;
var response = s3.PutACL(new PutACLRequest() { AccessControlList = newAcl, BucketName = aclRequest.BucketName, Key = o.Key });
}