2

I have an already created bucket in amazon s3. I want to make its content publicly available without any authentication. I have tried from documents of boto

To set a canned ACL for a bucket, use the set_acl method of the Bucket object. The argument passed to this method must be one of the four permissable canned policies named in the list CannedACLStrings contained in acl.py. For example, to make a bucket readable by anyone:

b.set_acl('public-read')

It is not working. I still cant access my files publicly. However setting acl to public-read for individual files is working.

I want to make it public from python as I don't have access to s3 console.

I want to make whole bucket publicly readable.

My code is

    conn = boto.connect_s3(
        aws_access_key_id = access_key,
        aws_secret_access_key = secret_key,
        host = 's3.amazonaws.com',
        #is_secure=False,               # uncomment if you are not using ssl
        calling_format = boto.s3.connection.OrdinaryCallingFormat(),
        )
bucket = conn.get_bucket('media_library')
bucket.set_acl('public-read')
Community
  • 1
  • 1
hard coder
  • 5,449
  • 6
  • 36
  • 61
  • My bucket is already created. Also that doesn't seem python code. – hard coder Jul 05 '16 at 06:47
  • do you have link for your bucket? – Rohan Khude Jul 05 '16 at 07:05
  • yes https://media_library.s3.amazonaws.com/public/users/Integrators/102ba277-aa60-4ec6-9e7d-84c8522d0b9d/test1-clientside/cp-2.png – hard coder Jul 05 '16 at 07:09
  • try this - import boto.s3 conn = boto.s3.connect_to_region('us-east-1') # or region of choice bucket = conn.get_bucket('public') key = bucket.lookup('users/Integrators/102ba277-aa60-4ec6-9e7d-84c8522d0b9d/test1-clientside/cp-2.png') key.set_acl('public-read') – Rohan Khude Jul 05 '16 at 07:12
  • That is already working, as I said in question. I want all files to be public – hard coder Jul 05 '16 at 07:14
  • have you set bucket policy? if yes, what is the policy contains? To make access all the files in bucket as public you just need the correct policy to set – Rohan Khude Jul 05 '16 at 07:20
  • I have done following `bucket.set_acl('public-read')` to set public-read policy. Is there anything else I have to do? – hard coder Jul 05 '16 at 07:25
  • Let us [continue this discussion in chat](http://chat.stackoverflow.com/rooms/116430/discussion-between-rohan-khude-and-sarvesh). – Rohan Khude Jul 05 '16 at 07:26

1 Answers1

5

You will need to create a Bucket Policy, which defines permissions on the bucket as a whole.

See 'Bucket Policy' in: Managing Access to S3 Resources (Access Policy Options)

You can do this via boto in Python with put_bucket_policy():

put_bucket_policy(**kwargs)

Replaces a policy on a bucket. If the bucket already has a policy, the one in this request completely replaces it.

Request Syntax

response = client.put_bucket_policy(Bucket='string', Policy='string')

See Bucket Policy Examples to find a suitable policy.

Here is a policy that makes the whole bucket publicly readable (just insert your own bucket name):

{
  "Version":"2012-10-17",
  "Statement":[
    {
      "Sid":"AddPerm",
      "Effect":"Allow",
      "Principal": "*",
      "Action":["s3:GetObject"],
      "Resource":["arn:aws:s3:::examplebucket/*"]
    }
  ]
}
John Rotenstein
  • 241,921
  • 22
  • 380
  • 470