AWS 문서 AWS SDK 예제 리포지토리에 더 많은 SDK
기계 번역으로 제공되는 번역입니다. 제공된 번역과 원본 영어의 내용이 상충하는 경우에는 영어 버전이 우선합니다.
AWS SDK 또는 PutBucketPolicy CLI와 함께 사용
다음 코드 예제는 PutBucketPolicy의 사용 방법을 보여줍니다.
- C++
-
- SDK for C++
-
참고
더 많은 정보가 있습니다. GitHub AWS 코드 예제 리포지토리
에서 전체 예제를 찾고 설정 및 실행하는 방법을 배워보세요. bool AwsDoc::S3::putBucketPolicy(const Aws::String &bucketName, const Aws::String &policyBody, const Aws::S3::S3ClientConfiguration &clientConfig) { Aws::S3::S3Client s3Client(clientConfig); std::shared_ptr<Aws::StringStream> request_body = Aws::MakeShared<Aws::StringStream>(""); *request_body << policyBody; Aws::S3::Model::PutBucketPolicyRequest request; request.SetBucket(bucketName); request.SetBody(request_body); Aws::S3::Model::PutBucketPolicyOutcome outcome = s3Client.PutBucketPolicy(request); if (!outcome.IsSuccess()) { std::cerr << "Error: putBucketPolicy: " << outcome.GetError().GetMessage() << std::endl; } else { std::cout << "Set the following policy body for the bucket '" << bucketName << "':" << std::endl << std::endl; std::cout << policyBody << std::endl; } return outcome.IsSuccess(); } //! Build a policy JSON string. /*! \param userArn: Aws user Amazon Resource Name (ARN). For more information, see https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-arns. \param bucketName: Name of a bucket. \return String: Policy as JSON string. */ Aws::String getPolicyString(const Aws::String &userArn, const Aws::String &bucketName) { return "{\n" " \"Version\":\"2012-10-17\",\n" " \"Statement\":[\n" " {\n" " \"Sid\": \"1\",\n" " \"Effect\": \"Allow\",\n" " \"Principal\": {\n" " \"AWS\": \"" + userArn + "\"\n"" },\n" " \"Action\": [ \"s3:getObject\" ],\n" " \"Resource\": [ \"arn:aws:s3:::" + bucketName + "/*\" ]\n" " }\n" " ]\n" "}"; }-
API 세부 정보는 AWS SDK for C++ API PutBucketPolicy참조를 참조하십시오.
-
- CLI
-
- AWS CLI
-
이 예제에서는 모든 사용자가 에 있는 객체를 MyBucket제외한 모든 객체를 검색할 수 MySecretFolder있습니다. 또한 AWS 계정의 루트 사용자에게
delete권한을put부여하고 권한을 부여합니다1234-5678-9012.aws s3api put-bucket-policy --bucket MyBucket --policy file://policy.json policy.json: { "Statement": [ { "Effect": "Allow", "Principal": "*", "Action": "s3:GetObject", "Resource": "arn:aws:s3:::MyBucket/*" }, { "Effect": "Deny", "Principal": "*", "Action": "s3:GetObject", "Resource": "arn:aws:s3:::MyBucket/MySecretFolder/*" }, { "Effect": "Allow", "Principal": { "AWS": "arn:aws:iam::123456789012:root" }, "Action": [ "s3:DeleteObject", "s3:PutObject" ], "Resource": "arn:aws:s3:::MyBucket/*" } ] }-
API 세부 정보는 AWS CLI 명령 PutBucketPolicy
참조를 참조하십시오.
-
- Java
-
- SDK for Java 2.x
-
참고
자세한 내용은 에서 확인할 수 GitHub 있습니다. AWS 코드 예제 리포지토리
에서 전체 예제를 찾고 설정 및 실행하는 방법을 배워보세요. import software.amazon.awssdk.services.s3.S3Client; import software.amazon.awssdk.services.s3.model.PutBucketPolicyRequest; import software.amazon.awssdk.services.s3.model.S3Exception; import software.amazon.awssdk.regions.Region; import java.io.IOException; import java.nio.charset.StandardCharsets; import java.nio.file.Files; import java.nio.file.Paths; import java.util.List; import com.fasterxml.jackson.core.JsonParser; import com.fasterxml.jackson.databind.ObjectMapper; /** * Before running this Java V2 code example, set up your development * environment, including your credentials. * * For more information, see the following documentation topic: * * https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html */ public class SetBucketPolicy { public static void main(String[] args) { final String usage = """ Usage: <bucketName> <polFile> Where: bucketName - The Amazon S3 bucket to set the policy on. polFile - A JSON file containing the policy (see the Amazon S3 Readme for an example).\s """; if (args.length != 2) { System.out.println(usage); System.exit(1); } String bucketName = args[0]; String polFile = args[1]; String policyText = getBucketPolicyFromFile(polFile); Region region = Region.US_EAST_1; S3Client s3 = S3Client.builder() .region(region) .build(); setPolicy(s3, bucketName, policyText); s3.close(); } public static void setPolicy(S3Client s3, String bucketName, String policyText) { System.out.println("Setting policy:"); System.out.println("----"); System.out.println(policyText); System.out.println("----"); System.out.format("On Amazon S3 bucket: \"%s\"\n", bucketName); try { PutBucketPolicyRequest policyReq = PutBucketPolicyRequest.builder() .bucket(bucketName) .policy(policyText) .build(); s3.putBucketPolicy(policyReq); } catch (S3Exception e) { System.err.println(e.awsErrorDetails().errorMessage()); System.exit(1); } System.out.println("Done!"); } // Loads a JSON-formatted policy from a file public static String getBucketPolicyFromFile(String policyFile) { StringBuilder fileText = new StringBuilder(); try { List<String> lines = Files.readAllLines(Paths.get(policyFile), StandardCharsets.UTF_8); for (String line : lines) { fileText.append(line); } } catch (IOException e) { System.out.format("Problem reading file: \"%s\"", policyFile); System.out.println(e.getMessage()); } try { final JsonParser parser = new ObjectMapper().getFactory().createParser(fileText.toString()); while (parser.nextToken() != null) { } } catch (IOException jpe) { jpe.printStackTrace(); } return fileText.toString(); } }-
API 세부 정보는 AWS SDK for Java 2.x API PutBucketPolicy참조를 참조하십시오.
-
- JavaScript
-
- JavaScript (v3) 용 SDK
-
참고
더 많은 내용이 있습니다. GitHub AWS 코드 예제 리포지토리
에서 전체 예제를 찾고 설정 및 실행하는 방법을 배워보세요. 정책을 추가합니다.
import { PutBucketPolicyCommand, S3Client } from "@aws-sdk/client-s3"; const client = new S3Client({}); export const main = async () => { const command = new PutBucketPolicyCommand({ Policy: JSON.stringify({ Version: "2012-10-17", Statement: [ { Sid: "AllowGetObject", // Allow this particular user to call GetObject on any object in this bucket. Effect: "Allow", Principal: { AWS: "arn:aws:iam::ACCOUNT-ID:user/USERNAME", }, Action: "s3:GetObject", Resource: "arn:aws:s3:::BUCKET-NAME/*", }, ], }), // Apply the preceding policy to this bucket. Bucket: "BUCKET-NAME", }); try { const response = await client.send(command); console.log(response); } catch (err) { console.error(err); } };-
자세한 정보는 AWS SDK for JavaScript 개발자 안내서를 참조하십시오.
-
API 세부 정보는 AWS SDK for JavaScript API PutBucketPolicy참조를 참조하십시오.
-
- Python
-
- SDK for Python(Boto3)
-
참고
자세한 내용은 다음과 같습니다 GitHub. AWS 코드 예제 리포지토리
에서 전체 예제를 찾고 설정 및 실행하는 방법을 배워보세요. class BucketWrapper: """Encapsulates S3 bucket actions.""" def __init__(self, bucket): """ :param bucket: A Boto3 Bucket resource. This is a high-level resource in Boto3 that wraps bucket actions in a class-like structure. """ self.bucket = bucket self.name = bucket.name def put_policy(self, policy): """ Apply a security policy to the bucket. Policies control users' ability to perform specific actions, such as listing the objects in the bucket. :param policy: The policy to apply to the bucket. """ try: self.bucket.Policy().put(Policy=json.dumps(policy)) logger.info("Put policy %s for bucket '%s'.", policy, self.bucket.name) except ClientError: logger.exception("Couldn't apply policy to bucket '%s'.", self.bucket.name) raise-
API에 대한 자세한 내용은 파이썬용AWS SDK (Boto3) API 레퍼런스를 참조하십시오 PutBucketPolicy.
-
- Ruby
-
- SDK for Ruby
-
참고
자세한 내용은 여기에서 확인할 수 있습니다. GitHub AWS 코드 예제 리포지토리
에서 전체 예제를 찾고 설정 및 실행하는 방법을 배워보세요. # Wraps an Amazon S3 bucket policy. class BucketPolicyWrapper attr_reader :bucket_policy # @param bucket_policy [Aws::S3::BucketPolicy] A bucket policy object configured with an existing bucket. def initialize(bucket_policy) @bucket_policy = bucket_policy end # Sets a policy on a bucket. # def set_policy(policy) @bucket_policy.put(policy: policy) true rescue Aws::Errors::ServiceError => e puts "Couldn't set the policy for #{@bucket_policy.bucket.name}. Here's why: #{e.message}" false end end-
API 세부 정보는 AWS SDK for Ruby API PutBucketPolicy참조를 참조하십시오.
-
PutBucketNotificationConfiguration
PutBucketReplication