python 获取公共可读的所有S3存储桶名称，如果设置为“私有”

Posted 2021-05-09

tags:

篇首语：本文由小常识网(cha138.com)小编为大家整理，主要介绍了python 获取公共可读的所有S3存储桶名称，如果设置为“私有”相关的知识，希望对你有一定的参考价值。

import boto3

GROUPS_ALLUSERS = 'http://acs.amazonaws.com/groups/global/AllUsers'
GLOBAL_AUTHUSERS = 'http://acs.amazonaws.com/groups/global/AuthenticatedUsers'

s3 = boto3.client('s3')

list_buckets = s3.list_buckets()['Buckets']

available_buckets = []
results = []

# get bucket names
for bucket_name in list_buckets:
    available_buckets.append(bucket_name['Name'])

# get bucket-acls
for each_bucket in available_buckets:
    try:
        acl = s3.get_bucket_acl(Bucket=each_bucket)
        for grant in acl['Grants']:
            if 'URI' not in grant['Grantee']:
                continue
            if grant['Grantee']['URI'] in [GROUPS_ALLUSERS, GLOBAL_AUTHUSERS]:
                results.append(each_bucket)
                continue
            if grant['Permission'] == 'READ':
                continue

    except Exception as e:
        continue

if len(results) > 0:
    for public_buckets in results:
        print("Public Bucket: " + public_buckets)
        print("Removing Public Access on: " + public_bucket)
        s3.put_bucket_acl(Bucket=public_bucket, ACL='private')
else:
    print("No Public Readable Buckets Found")

以上是关于python 获取公共可读的所有S3存储桶名称，如果设置为“私有”的主要内容，如果未能解决你的问题，请参考以下文章