本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。
搭GetBucketPolicy
配 AWS 開發套件或 CLI 使用
下列程式碼範例會示範如何使用GetBucketPolicy
。
- C++
-
- 適用於 C++ 的 SDK
-
注意
還有更多關於 GitHub。尋找完整範例,並了解如何在AWS 設定和執行程式碼範例儲存庫
。 bool AwsDoc::S3::getBucketPolicy(const Aws::String &bucketName, const Aws::S3::S3ClientConfiguration &clientConfig) { Aws::S3::S3Client s3Client(clientConfig); Aws::S3::Model::GetBucketPolicyRequest request; request.SetBucket(bucketName); Aws::S3::Model::GetBucketPolicyOutcome outcome = s3Client.GetBucketPolicy(request); if (!outcome.IsSuccess()) { const Aws::S3::S3Error &err = outcome.GetError(); std::cerr << "Error: getBucketPolicy: " << err.GetExceptionName() << ": " << err.GetMessage() << std::endl; } else { Aws::StringStream policy_stream; Aws::String line; outcome.GetResult().GetPolicy() >> line; policy_stream << line; std::cout << "Retrieve the policy for bucket '" << bucketName << "':\n\n" << policy_stream.str() << std::endl; } return outcome.IsSuccess(); }
-
如需 API 詳細資訊,請參閱 AWS SDK for C++ API 參考GetBucketPolicy中的。
-
- CLI
-
- AWS CLI
-
下列命令會擷取名為的值區原則
my-bucket
:aws s3api get-bucket-policy --bucket my-bucket
輸出:
{ "Policy": "{\"Version\":\"2008-10-17\",\"Statement\":[{\"Sid\":\"\",\"Effect\":\"Allow\",\"Principal\":\"*\",\"Action\":\"s3:GetObject\",\"Resource\":\"arn:aws:s3:::my-bucket/*\"},{\"Sid\":\"\",\"Effect\":\"Deny\",\"Principal\":\"*\",\"Action\":\"s3:GetObject\",\"Resource\":\"arn:aws:s3:::my-bucket/secret/*\"}]}" }
取得並放置儲存貯體政策下列範例顯示如何下載 Amazon S3 儲存貯體政策、修改檔案,然後使用套用
put-bucket-policy
修改後的儲存貯體政策。要將存儲桶策略下載到文件中,您可以運行:aws s3api get-bucket-policy --bucket mybucket --query Policy --output text > policy.json
然後,您可以視需要修改
policy.json
檔案。最後,您可以執行下列命令,將此修改後的政策套用回 S3 儲存貯體:policy.json
根據需要提供文件。最後,您可以執行下列命令,將此修改後的政策套用回 S3 儲存貯體:根據需要提供文件。最後,您可以執行下列命令,將此修改後的政策套用回 S3 儲存貯體:
aws s3api put-bucket-policy --bucket mybucket --policy file://policy.json
-
如需 API 詳細資訊,請參閱AWS CLI 命令參考GetBucketPolicy
中的。
-
- Java
-
- 適用於 Java 2.x 的 SDK
-
注意
還有更多關於 GitHub。尋找完整範例,並了解如何在AWS 設定和執行程式碼範例儲存庫
。 import software.amazon.awssdk.services.s3.model.S3Exception; import software.amazon.awssdk.regions.Region; import software.amazon.awssdk.services.s3.S3Client; import software.amazon.awssdk.services.s3.model.GetBucketPolicyRequest; import software.amazon.awssdk.services.s3.model.GetBucketPolicyResponse; /** * Before running this Java V2 code example, set up your development * environment, including your credentials. * * For more information, see the following documentation topic: * * https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html */ public class GetBucketPolicy { public static void main(String[] args) { final String usage = """ Usage: <bucketName> Where: bucketName - The Amazon S3 bucket to get the policy from. """; if (args.length != 1) { System.out.println(usage); System.exit(1); } String bucketName = args[0]; System.out.format("Getting policy for bucket: \"%s\"\n\n", bucketName); Region region = Region.US_EAST_1; S3Client s3 = S3Client.builder() .region(region) .build(); String polText = getPolicy(s3, bucketName); System.out.println("Policy Text: " + polText); s3.close(); } public static String getPolicy(S3Client s3, String bucketName) { String policyText; System.out.format("Getting policy for bucket: \"%s\"\n\n", bucketName); GetBucketPolicyRequest policyReq = GetBucketPolicyRequest.builder() .bucket(bucketName) .build(); try { GetBucketPolicyResponse policyRes = s3.getBucketPolicy(policyReq); policyText = policyRes.policy(); return policyText; } catch (S3Exception e) { System.err.println(e.awsErrorDetails().errorMessage()); System.exit(1); } return ""; } }
-
如需 API 詳細資訊,請參閱 AWS SDK for Java 2.x API 參考GetBucketPolicy中的。
-
- JavaScript
-
- 適用於 JavaScript (v3) 的開發套件
-
注意
還有更多關於 GitHub。尋找完整範例,並了解如何在AWS 設定和執行程式碼範例儲存庫
。 取得儲存貯體政策。
import { GetBucketPolicyCommand, S3Client } from "@aws-sdk/client-s3"; const client = new S3Client({}); export const main = async () => { const command = new GetBucketPolicyCommand({ Bucket: "test-bucket", }); try { const { Policy } = await client.send(command); console.log(JSON.parse(Policy)); } catch (err) { console.error(err); } };
-
如需詳細資訊,請參閱《AWS SDK for JavaScript 開發人員指南》。
-
如需 API 詳細資訊,請參閱 AWS SDK for JavaScript API 參考GetBucketPolicy中的。
-
- Kotlin
-
- 適用於 Kotlin 的 SDK
-
注意
還有更多關於 GitHub。尋找完整範例,並了解如何在AWS 設定和執行程式碼範例儲存庫
。 suspend fun getPolicy(bucketName: String): String? { println("Getting policy for bucket $bucketName") val request = GetBucketPolicyRequest { bucket = bucketName } S3Client { region = "us-east-1" }.use { s3 -> val policyRes = s3.getBucketPolicy(request) return policyRes.policy } }
-
有關 API 的詳細信息,請參閱 AWS SDK GetBucketPolicy
中的 Kotlin API 參考。
-
- PowerShell
-
- 適用的工具 PowerShell
-
範例 1:此命令會輸出與指定 S3 儲存貯體相關聯的儲存貯體政策。
Get-S3BucketPolicy -BucketName 's3testbucket'
-
如需 API 詳細資訊,請參閱AWS Tools for PowerShell 指令程GetBucketPolicy式參考中的。
-
- Python
-
- 適用於 Python (Boto3) 的 SDK
-
注意
還有更多關於 GitHub。尋找完整範例,並了解如何在AWS 設定和執行程式碼範例儲存庫
。 class BucketWrapper: """Encapsulates S3 bucket actions.""" def __init__(self, bucket): """ :param bucket: A Boto3 Bucket resource. This is a high-level resource in Boto3 that wraps bucket actions in a class-like structure. """ self.bucket = bucket self.name = bucket.name def get_policy(self): """ Get the security policy of the bucket. :return: The security policy of the specified bucket, in JSON format. """ try: policy = self.bucket.Policy() logger.info( "Got policy %s for bucket '%s'.", policy.policy, self.bucket.name ) except ClientError: logger.exception("Couldn't get policy for bucket '%s'.", self.bucket.name) raise else: return json.loads(policy.policy)
-
如需 API 的詳細資訊,請參閱AWS 開發套件GetBucketPolicy中的 Python (博托 3) API 參考。
-
- Ruby
-
- 適用於 Ruby 的開發套件
-
注意
還有更多關於 GitHub。尋找完整範例,並了解如何在AWS 設定和執行程式碼範例儲存庫
。 # Wraps an Amazon S3 bucket policy. class BucketPolicyWrapper attr_reader :bucket_policy # @param bucket_policy [Aws::S3::BucketPolicy] A bucket policy object configured with an existing bucket. def initialize(bucket_policy) @bucket_policy = bucket_policy end # Gets the policy of a bucket. # # @return [Aws::S3::GetBucketPolicyOutput, nil] The current bucket policy. def get_policy policy = @bucket_policy.data.policy policy.respond_to?(:read) ? policy.read : policy rescue Aws::Errors::ServiceError => e puts "Couldn't get the policy for #{@bucket_policy.bucket.name}. Here's why: #{e.message}" nil end end
-
如需 API 詳細資訊,請參閱 AWS SDK for Ruby API 參考GetBucketPolicy中的。
-
如需 AWS SDK 開發人員指南和程式碼範例的完整清單,請參閱搭配 AWS SDK 使用此服務。此主題也包含有關入門的資訊和舊版 SDK 的詳細資訊。