0
所以我有一個用戶,其IAM權限設置爲以下。它只是爲了讓他們創建/刪除/列表/等。對象存儲在「Target_Folder /」中。針對boto3 S3 API調用的文件夾特定IAM權限
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmt123456789",
"Effect": "Allow",
"Action": [
"s3:CreateBucket",
"s3:DeleteObject",
"s3:GetObject",
"s3:ListBucket",
"s3:PutObject"
],
"Resource": [
"arn:aws:s3:::bucket/Target_Folder/*"
]
}
]
}
使用boto3,我在配置中嵌入了相關的aws_access_key_id和aws_secret_access_key。這樣做後,我發現我無法瓶坯「//TARGET_FOLDER」的中的任何動作,如:
import boto3
import boto.s3.transfer
#Need to manually import S3Transfer() for some reason.
from boto.s3.transfer import S3Transfer
bucket = 'bucket'
prefix = 'Test_Folder/'
client = boto3.client(s3)
#Attempt to print objects under the Target_Folder
response = client.list_objects(Bucket = bucket, Prefix = prefix)
for file in response['Contents']:
print(file['key'])
#Attempt to upload file
transfer = S3Transfer(client)
transfer.upload_file('C:/filepath/file', bucket, prefix)
最終,不管用什麼辦法,我收到一個"botocore.exceptions.ClientError: An error occured (SignatureDoesNotMatch)...."
。相反,如果我使用具有更多開放存儲桶權限的密鑰/祕密密鑰對,則不存在與API交互的問題。如果已經在另一個線程中得到了回答或澄清,我很抱歉,在搜索過程中我找不到任何好的東西。