英文:
Confusing documentation from Python Boto3 to create bucket?
问题
根据下面链接中的请求语法,我们可以将ACL参数传递给create_bucket方法,ACL设置为'public-read'。
但是,当我尝试这样做时,出现了以下错误:
botocore.exceptions.ClientError: 调用CreateBucket操作时发生错误(InvalidBucketAclWithBlockPublicAccessError):无法启用BlockPublicAccess并设置公共ACL的存储桶。
如果"public-read"可能引发该错误,为什么文档中还提到了该选项呢?我们是否可以简单地调用"put_public_access_block"然后调用"put_bucket_acl"方法呢?
以下是我尝试的代码示例:
def create_bucket(bucket_name, acl):
bucket = boto3.client('s3')
response = bucket.create_bucket(
Bucket=bucket_name,
ObjectOwnership='BucketOwnerPreferred',
ACL=acl,
CreateBucketConfiguration={
'LocationConstraint':'us-west-1',
}
)
create_bucket('sample_bucket', 'public-read')
英文:
As per the Request Syntax in below link, we can pass ACL parameter to create_bucket method with ACL as 'public-read'.
but when I pass it giving the error as
> botocore.exceptions.ClientError: An error occurred (InvalidBucketAclWithBlockPublicAccessError) when calling the CreateBucket operation: Bucket cannot have public ACLs set with BlockPublicAccess enabled
If the "public-read" can raise that error, why it mentioned about that option in the documentation? We can simply call "put_public_access_block" and then "put_bucket_acl" methods right?
Below is code sample of what I tried
def create_bucket(bucket_name, acl):
bucket = boto3.client('s3')
response = bucket.create_bucket(
Bucket=bucket_name,
ObjectOwnership='BucketOwnerPreferred',
ACL=acl,
CreateBucketConfiguration={
'LocationConstraint':'us-west-1',
}
)
create_bucket('sample_bucket', 'public-read')
答案1
得分: 1
这种行为符合Amazon S3的设计和其安全最佳实践。
您提到的文档提到了ACL参数的'public-read'选项,因为它代表了可以与S3存储桶一起使用的可能ACL配置之一。但是,请注意'public-read' ACL与阻止公共访问设置不兼容。
英文:
This behavior is in accordance with the design of Amazon S3 and its security best practices.
The documentation you referred to mentions the 'public-read' option for the ACL parameter because it represents one of the possible ACL configurations that can be used with S3 buckets. However, it's important to note that the 'public-read' ACL is incompatible with Block Public Access settings.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论