AWS:Boto3启用S3版本控制/生命周期-访问被拒绝

本文介绍了AWS:Boto3启用S3版本控制/生命周期-访问被拒绝的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

我正在尝试向boto3传递存储桶名称列表，并使其首先在每个存储桶上启用版本控制，然后在每个存储桶上启用生命周期策略.

I am trying to pass boto3 a list of bucket names and have it first enable versioning on each bucket, then enable a lifecycle policy on each.

我已经完成了aws configure，并且确实具有两个配置文件，两个配置文件都是具有所有必要权限的当前活动用户配置文件.我要使用的名称为默认".

I have done aws configure, and do have two profiles, both current, active user profiles with all necessary permissions. The one I want to use is named "default."

import boto3


# Create session
s3 = boto3.resource('s3')

# Bucket list
buckets = ['BUCKET-NAME']

# iterate through list of buckets
for bucket in buckets:
    # Enable Versioning
    bucketVersioning = s3.BucketVersioning('bucket')
    bucketVersioning.enable()

    # Current lifecycle configuration
    lifecycleConfig = s3.BucketLifecycle(bucket)
    lifecycleConfig.add_rule={
        'Rules': [
            {
                'Status': 'Enabled',
                'NoncurrentVersionTransition': {
                    'NoncurrentDays': 7,
                    'StorageClass': 'GLACIER'
                },
                'NoncurrentVersionExpiration': {
                    'NoncurrentDays': 30
                }
            }
        ]
    }


    # Configure Lifecycle
    bucket.configure_lifecycle(lifecycleConfig)


print "Versioning and lifecycle have been enabled for buckets."

运行此命令时，出现以下错误:

When I run this I get the following error:

Traceback (most recent call last):
  File "putVersioning.py", line 27, in <module>
    bucketVersioning.enable()
  File "/usr/local/lib/python2.7/dist-packages/boto3/resources/factory.py", line 520, in do_action
    response = action(self, *args, **kwargs)
  File "/usr/local/lib/python2.7/dist-packages/boto3/resources/action.py", line 83, in __call__
    response = getattr(parent.meta.client, operation_name)(**params)
  File "/home/user/.local/lib/python2.7/site-packages/botocore/client.py", line 253, in _api_call
    return self._make_api_call(operation_name, kwargs)
  File "/home/user/.local/lib/python2.7/site-packages/botocore/client.py", line 557, in _make_api_call
    raise error_class(parsed_response, operation_name)
botocore.exceptions.ClientError: An error occurred (AccessDenied) when calling the PutBucketVersioning operation: Access Denied

我的个人资料具有完整的特权，因此这不成问题.对于通过凭据，我还需要做些其他事情吗?谢谢大家！

My profiles has full privileges, so that shouldn't be a problem. Is there something else I need to do for passing credentials? Thanks everyone!

推荐答案

上面的语句意味着-要使用 PutBucketVersioning操作启用版本控制，您必须是存储桶的所有者.

The above statement means - To use PutBucketVersioning operation to enable the versioning, you must be the owner of the bucket.

使用以下命令检查存储桶的所有者.如果您是存储桶的所有者，则应该能够将版本控制状态设置为 ENABLED/SUSPENDED .

Use the below command to check the owner of the bucket. If you are the owner of the bucket, you should be able to set the versioning state as ENABLED / SUSPENDED.

aws s3api get-bucket-acl --bucket yourBucketName

这篇关于AWS:Boto3启用S3版本控制/生命周期-访问被拒绝的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！