我的困惑是为什么我需要包括“传统”云存储角色。我更喜欢避免说“遗留”的东西,因为听起来它们会在这些天中被弃用。
我做错了吗?
这是我的情况:
我正在使用 appengine 项目中的服务帐户访问另一个项目中云存储中的文件。我正在使用 Google Python 客户端访问数据。
我分配了角色:
Storage Object Creator
Storage Object Viewer
但是当我尝试访问文件时出现错误:
<service account> does not have storage.buckets.get access
只有在我添加了“遗留角色”之后,它才最终可以访问:
Storage legacy bucket writer
Storage legacy bucket reader
这是代码:
def download_blob(bucket_name, source_blob_name, destination_file_name):
"""Downloads a blob from the bucket."""
bucket = storage_client.get_bucket(bucket_name)
blob = bucket.blob(source_blob_name)
blob.download_to_filename(destination_file_name)
print('Blob {} downloaded to {}.'.format(
source_blob_name,
destination_file_name))
def upload_blob(bucket_name, source_file_name, destination_blob_name):
"""Uploads a file to the bucket."""
bucket = storage_client.get_bucket(bucket_name)
blob = bucket.blob(destination_blob_name)
blob.upload_from_filename(source_file_name)
print('File {} uploaded to {}.'.format(
source_file_name,
destination_blob_name))
谢谢
抢
最佳答案
对于您的代码,我在下面添加了其他注释:
def download_blob(bucket_name, source_blob_name,
destination_file_name):
"""Downloads a blob from the bucket."""
"""The following .get_bucket() requires storage.buckets.get permission."""
bucket = storage_client.get_bucket(bucket_name)
"""The following doesn't"""
bucket = storage_client.bucket(bucket_name)
blob = bucket.blob(source_blob_name)
blob.download_to_filename(destination_file_name)
print('Blob {} downloaded to {}.'.format(
source_blob_name,
destination_file_name))
重申:
storage_client.get_bucket(bucket_name)
需要 storage.bucket.get 权限,因为它正在执行存储桶元数据 GET 请求。storage_cilent.bucket(bucket_name)
不需要此权限,因为它不执行 GET 请求,只创建一个名称由 bucket_name
定义的存储桶对象。 .对于上传绕过 storage.buckets.get 问题:
from google.cloud import storage
storage_client = storage.Client()
bucket = storage_client.bucket(bucket_name)
blob = bucket.blob(source_blob_name)
blob.upload_from_filename(source_file_name)
关于google-app-engine - 是否需要旧版云存储权限?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/51420996/