تعیین کنترل دسترسی (ACL) صندوقچه

با استفاده از این امکان شما می‌توانید سطح دسترسی به صندوقچه را تغییر دهید.

مولفه‌ها

• کلیدهای احراز هویت
• نام صندوقچه
• سطح دسترسی صندوقچه

سطح دسترسی صندوقچه

سطح دسترسی صندوقچه چگونگی دسترسی به اطلاعات داخل صندوقچه را مشخص می‌کند.

سطوح دسترسی به صندوقچه:

• Private (خصوصی)
• Public-read (خواندن عمومی)

NET.

using Amazon;
using Amazon.S3;
using Amazon.S3.Model;
using System;
using System.Collections.Generic;
using System.Threading.Tasks;

namespace PutBucketAcl
{
  class PutBucketAcl
  {
      private const string bucketName = "<BUCKET_NAME>";
      private const string acl = "private"; // private or public-read
      private static IAmazonS3 _s3Client;
      public static void Main()
      {
          var awsCredentials = new Amazon.Runtime.BasicAWSCredentials("<ACCESS-KEY>", "<SECRET-KEY>");
          var config = new AmazonS3Config { ServiceURL = "<ENDPOINT>" };
          _s3Client = new AmazonS3Client(awsCredentials, config);
          PutBucketAclAsync().Wait();
      }
      private static async Task PutBucketAclAsync()
      {
          try
          {
              // Set a new ACL.
              PutACLResponse response = await _s3Client.PutACLAsync(new PutACLRequest
              {
                  BucketName = bucketName,
                  CannedACL  = acl == "private" ? S3CannedACL.Private : S3CannedACL.PublicRead, // S3CannedACL.PublicRead or S3CannedACL.Private
              });

              Console.WriteLine($"Access-list {acl} added to {bucketName} bucket");
          }
          catch (AmazonS3Exception amazonS3Exception)
          {
              Console.WriteLine("An AmazonS3Exception was thrown. Exception: " + amazonS3Exception.ToString());
          }
          catch (Exception e)
          {
              Console.WriteLine("Exception: " + e.ToString());
          }
      }
  }
}

PHP

<?php
require('client.php');
$bucket = $config['sample_bucket'];
// Sets the permissions on a bucket using access control lists (ACL).
$params = [
  'ACL' => 'public-read',
  'Bucket' => $bucket,
];
try {
  $resp = $client->putBucketAcl($params);
  echo "Succeed in setting bucket ACL.\n";
} catch (AwsException $e) {
  // Display error message
  echo $e->getMessage();
  echo "\n";
}

Python

import boto3
import logging
from botocore.exceptions import ClientError

# Configure logging
logging.basicConfig(level=logging.INFO)

try:
   # S3 resource
   s3_resource = boto3.resource(
       's3',
       endpoint_url='endpoint_url',
       aws_access_key_id='access_key',
       aws_secret_access_key='secret_key'
   )

except Exception as exc:
   logging.error(exc)
else:
   try:
       bucket_name = 'bucket_name'
       bucket_acl = s3_resource.BucketAcl(bucket_name)
       bucket_acl.put(ACL='private')  # ACL='private'|'public-read'|'public-read-write'

   except ClientError as e:
       logging.error(e)

Javascript

// Import required AWS SDK clients and commands for Node.js
const { S3Client, PutBucketAclCommand } = require('@aws-sdk/client-s3');

// Create an S3 client service object
const s3 = new S3Client({
  region: 'default',
  endpoint: 'endpoint_url',
  credentials: {
      accessKeyId: 'access_key',
      secretAccessKey: 'secret_key',
  },
});

const run = async () => {
  try {
      const response = await s3.send(
          new PutBucketAclCommand({
              Bucket: 'sample_bucket',
              ACL: 'private', // 'private' | 'public-read'
          })
      );
      console.log('Success', response);
  } catch (err) {
      console.log('Error', err);
  }
};

run();

GO

package main

import (
  "github.com/aws/aws-sdk-go/aws"
  "github.com/aws/aws-sdk-go/aws/credentials"
  "github.com/aws/aws-sdk-go/aws/session"
  "github.com/aws/aws-sdk-go/service/s3"

  "fmt"
  "os"
)

// Allows person with EMAIL address PERMISSION access to BUCKET
// If PERMISSION is missing, they get READ access.
//
// Usage:
//    go run s3_put_bucket_acl.go BUCKET ACL
func main() {

  if len(os.Args) != 3 {
      exitErrorf("Bucket name and ACL name required\nUsage: go run", os.Args[0], "BUCKET", os.Args[1], "ACL")
  }

  bucket := os.Args[1]
  acl := os.Args[2]

  if !(acl == "private" || acl == "public-read") {
      fmt.Println("Illegal acl value. It must be one of:")
      fmt.Println("private or public-read")
      os.Exit(1)
  }

  sess, err := session.NewSession(&aws.Config{
      Credentials: credentials.NewStaticCredentials("<ACCESS_KEY>", "<SECRET_KEY>", ""),
  })
  svc := s3.New(sess, &aws.Config{
      Region:   aws.String("default"),
      Endpoint: aws.String("<ENDPOINT_URL>"),
  })

  params := &s3.PutBucketAclInput{
      Bucket: &bucket,
      ACL:    aws.String(acl),
  }

  // Set bucket ACL
  _, err = svc.PutBucketAcl(params)
  if err != nil {
      exitErrorf(err.Error())
  }

  fmt.Println("Congratulations. You put", acl, "permissions to bucket", bucket)
}

func exitErrorf(msg string, args ...interface{}) {
  fmt.Fprintf(os.Stderr, msg+"\n", args...)
  os.Exit(1)
}

برای اجرای قطعه کد بالا با فرض نام‌گذاری فایل کد به s3_put_bucket_acl.go می‌توان از دستور زیر استفاده کرد:

go run s3_put_bucket_acl.go BUCKET ACL