当我在 Docker 容器中运行它时失败,但当我在 OS X 的 virtualenv 中运行它时工作正常。知道可能出了什么问题吗? Docker+boto 是否存在任何已知问题?
>>> import boto3
>>> s3 = boto3.client('s3')
>>> s3.download_file("mybucket", "myfile.txt", "myfile2.txt")
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/opt/conda/lib/python2.7/site-packages/boto3/s3/inject.py", line 104, in download_file
extra_args=ExtraArgs, callback=Callback)
File "/opt/conda/lib/python2.7/site-packages/boto3/s3/transfer.py", line 666, in download_file
object_size = self._object_size(bucket, key, extra_args)
File "/opt/conda/lib/python2.7/site-packages/boto3/s3/transfer.py", line 729, in _object_size
Bucket=bucket, Key=key, **extra_args)['ContentLength']
File "/opt/conda/lib/python2.7/site-packages/botocore/client.py", line 258, in _api_call
return self._make_api_call(operation_name, kwargs)
File "/opt/conda/lib/python2.7/site-packages/botocore/client.py", line 548, in _make_api_call
raise ClientError(parsed_response, operation_name)
botocore.exceptions.ClientError: An error occurred (403) when calling the HeadObject operation: Forbidden
最佳答案
查看错误:调用HeadObject操作时发生错误(403):Forbidden
它找到了凭据,但没有访问存储桶的权限。底线:更新您的 IAM 权限以包含对您的存储桶的 s3:ListBucket
权限:arn:aws:s3:::mybucket/*
或仅附加策略 AmazonS3ReadOnlyAccess
到您的 IAM 用户/角色。
您可以试试看它会打印出正确的凭据:
>>> import botocore.session
>>> session = botocore.session.get_session()
>>> session.get_credentials().access_key
'AKIAABCDEF6RWSGI234Q'
>>> session.get_credentials().secret_key
'abcdefghijkl+123456789+qbcd'
关于python - 在 Docker 中使用 boto3 从 S3 下载文件失败,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/37310487/