Last active 1758032090

Some samples of working with S3 on AWS.

S3access.md Raw

This is both the Python code to access an S3 bucket and the IAM policy JSON for the bucket permissions.

An IAM policy JSON that you can attach to your AWS account to grant the necessary permissions for S3 bucket access:

IAM Policy JSON for S3 Bucket Access

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "ListBucketPermission",
            "Effect": "Allow",
            "Action": [
                "s3:ListBucket"
            ],
            "Resource": "arn:aws:s3:::your-bucket-name"
        },
        {
            "Sid": "ObjectLevelPermissions",
            "Effect": "Allow",
            "Action": [
                "s3:GetObject",
                "s3:PutObject",
                "s3:DeleteObject",
                "s3:GetObjectAcl"
            ],
            "Resource": "arn:aws:s3:::your-bucket-name/*"
        }
    ]
}

Setup Instructions

1. Install Required Python Package

pip install boto3

2. Configure AWS Credentials

You have several options to configure AWS credentials:

Option A: AWS CLI Configuration

aws configure

Option B: Environment Variables

export AWS_ACCESS_KEY_ID=your_access_key
export AWS_SECRET_ACCESS_KEY=your_secret_key
export AWS_DEFAULT_REGION=us-east-1

Option C: IAM Role (if running on EC2) Attach an IAM role with the above policy to your EC2 instance.

3. Apply the IAM Policy

Replace your-bucket-name in the policy JSON with your actual bucket name, then:

  1. For IAM User: Go to IAM → Users → Select your user → Permissions → Add permissions → Create policy → JSON tab → Paste the policy
  2. For IAM Role: Go to IAM → Roles → Select your role → Permissions → Add permissions → Create policy → JSON tab → Paste the policy

4. Usage

Replace BUCKET_NAME in the Python code with your actual bucket name and run the script.

Policy Permission Breakdown

  • s3:ListBucket: Allows listing objects in the bucket
  • s3:GetObject: Allows downloading/reading objects
  • s3:PutObject: Allows uploading objects
  • s3:DeleteObject: Allows deleting objects
  • s3:GetObjectAcl: Allows reading object ACLs (needed for some presigned URL operations)

Security Notes

  • The policy grants access only to the specified bucket
  • For production use, consider adding IP restrictions or MFA requirements
  • You can restrict access to specific folder paths by modifying the Resource ARN (e.g., arn:aws:s3:::your-bucket-name/specific-folder/*)

This setup will give you full programmatic access to your S3 bucket with the Python code provided!

another-access-script.py Raw
1import boto3
2from botocore.exceptions import ClientError, NoCredentialsError
3import os
4from pathlib import Path
5
6class S3BucketManager:
7 def __init__(self, bucket_name, region_name='us-east-1'):
8 """
9 Initialize S3 client and set bucket name
10
11 Args:
12 bucket_name (str): Name of the S3 bucket
13 region_name (str): AWS region name (default: us-east-1)
14 """
15 self.bucket_name = bucket_name
16 self.region_name = region_name
17
18 try:
19 # Initialize S3 client
20 self.s3_client = boto3.client('s3', region_name=region_name)
21 self.s3_resource = boto3.resource('s3', region_name=region_name)
22 self.bucket = self.s3_resource.Bucket(bucket_name)
23 except NoCredentialsError:
24 print("Error: AWS credentials not found. Please configure your credentials.")
25 raise
26 except Exception as e:
27 print(f"Error initializing S3 client: {e}")
28 raise
29
30 def list_objects(self, prefix=''):
31 """
32 List all objects in the bucket with optional prefix filter
33
34 Args:
35 prefix (str): Optional prefix to filter objects
36
37 Returns:
38 list: List of object keys
39 """
40 try:
41 objects = []
42 paginator = self.s3_client.get_paginator('list_objects_v2')
43 pages = paginator.paginate(Bucket=self.bucket_name, Prefix=prefix)
44
45 for page in pages:
46 if 'Contents' in page:
47 for obj in page['Contents']:
48 objects.append({
49 'key': obj['Key'],
50 'size': obj['Size'],
51 'last_modified': obj['LastModified']
52 })
53
54 return objects
55 except ClientError as e:
56 print(f"Error listing objects: {e}")
57 return []
58
59 def upload_file(self, local_file_path, s3_key=None):
60 """
61 Upload a file to S3 bucket
62
63 Args:
64 local_file_path (str): Path to local file
65 s3_key (str): S3 object key (if None, uses filename)
66
67 Returns:
68 bool: True if successful, False otherwise
69 """
70 if s3_key is None:
71 s3_key = Path(local_file_path).name
72
73 try:
74 self.s3_client.upload_file(local_file_path, self.bucket_name, s3_key)
75 print(f"Successfully uploaded {local_file_path} to s3://{self.bucket_name}/{s3_key}")
76 return True
77 except FileNotFoundError:
78 print(f"Error: File {local_file_path} not found")
79 return False
80 except ClientError as e:
81 print(f"Error uploading file: {e}")
82 return False
83
84 def download_file(self, s3_key, local_file_path):
85 """
86 Download a file from S3 bucket
87
88 Args:
89 s3_key (str): S3 object key
90 local_file_path (str): Local path to save file
91
92 Returns:
93 bool: True if successful, False otherwise
94 """
95 try:
96 self.s3_client.download_file(self.bucket_name, s3_key, local_file_path)
97 print(f"Successfully downloaded s3://{self.bucket_name}/{s3_key} to {local_file_path}")
98 return True
99 except ClientError as e:
100 print(f"Error downloading file: {e}")
101 return False
102
103 def delete_object(self, s3_key):
104 """
105 Delete an object from S3 bucket
106
107 Args:
108 s3_key (str): S3 object key to delete
109
110 Returns:
111 bool: True if successful, False otherwise
112 """
113 try:
114 self.s3_client.delete_object(Bucket=self.bucket_name, Key=s3_key)
115 print(f"Successfully deleted s3://{self.bucket_name}/{s3_key}")
116 return True
117 except ClientError as e:
118 print(f"Error deleting object: {e}")
119 return False
120
121 def get_object_url(self, s3_key, expiration=3600):
122 """
123 Generate a presigned URL for an S3 object
124
125 Args:
126 s3_key (str): S3 object key
127 expiration (int): URL expiration time in seconds (default: 1 hour)
128
129 Returns:
130 str: Presigned URL or None if error
131 """
132 try:
133 url = self.s3_client.generate_presigned_url(
134 'get_object',
135 Params={'Bucket': self.bucket_name, 'Key': s3_key},
136 ExpiresIn=expiration
137 )
138 return url
139 except ClientError as e:
140 print(f"Error generating presigned URL: {e}")
141 return None
142
143 def object_exists(self, s3_key):
144 """
145 Check if an object exists in the bucket
146
147 Args:
148 s3_key (str): S3 object key
149
150 Returns:
151 bool: True if object exists, False otherwise
152 """
153 try:
154 self.s3_client.head_object(Bucket=self.bucket_name, Key=s3_key)
155 return True
156 except ClientError as e:
157 if e.response['Error']['Code'] == '404':
158 return False
159 else:
160 print(f"Error checking object existence: {e}")
161 return False
162
163# Example usage
164if __name__ == "__main__":
165 # Replace with your bucket name
166 BUCKET_NAME = "your-bucket-name"
167 REGION = "us-east-1" # Replace with your region
168
169 # Initialize S3 manager
170 s3_manager = S3BucketManager(BUCKET_NAME, REGION)
171
172 # List objects in bucket
173 print("Objects in bucket:")
174 objects = s3_manager.list_objects()
175 for obj in objects:
176 print(f" {obj['key']} ({obj['size']} bytes)")
177
178 # Example operations (uncomment to use):
179
180 # Upload a file
181 # s3_manager.upload_file("local_file.txt", "folder/remote_file.txt")
182
183 # Download a file
184 # s3_manager.download_file("folder/remote_file.txt", "downloaded_file.txt")
185
186 # Check if object exists
187 # if s3_manager.object_exists("folder/remote_file.txt"):
188 # print("Object exists!")
189
190 # Generate presigned URL
191 # url = s3_manager.get_object_url("folder/remote_file.txt", expiration=7200)
192 # print(f"Presigned URL: {url}")
193
194 # Delete an object
195 # s3_manager.delete_object("folder/remote_file.txt")
196
197
s3example.java Raw
1import com.amazonaws.services.s3.AmazonS3;
2import com.amazonaws.services.s3.AmazonS3ClientBuilder;
3import com.amazonaws.services.s3.model.*;
4import java.io.File;
5
6public class S3Examples {
7
8 private final AmazonS3 s3 = AmazonS3ClientBuilder.defaultClient();
9
10 // Create an S3 bucket
11 public void createBucket(String bucketName) {
12 s3.createBucket(bucketName);
13 }
14
15 // Upload an object to S3
16 public void uploadObject(String bucketName, String key, File file) {
17 s3.putObject(bucketName, key, file);
18 }
19
20 // Download an object from S3
21 public void downloadObject(String bucketName, String key, File file) {
22 s3.getObject(new GetObjectRequest(bucketName, key), file);
23 }
24
25 // List objects in a bucket
26 public ObjectListing listObjects(String bucketName) {
27 return s3.listObjects(bucketName);
28 }
29
30 // Generate pre-signed URL to share an S3 object
31 public URL generatePresignedUrl(String bucketName, String key) {
32 Date expiration = new Date();
33 long expTimeMillis = expiration.getTime();
34 expTimeMillis += 1000 * 60 * 60; // Add 1 hour.
35 expiration.setTime(expTimeMillis);
36
37 GeneratePresignedUrlRequest generatePresignedUrlRequest =
38 new GeneratePresignedUrlRequest(bucketName, key)
39 .withMethod(HttpMethod.GET)
40 .withExpiration(expiration);
41
42 return s3.generatePresignedUrl(generatePresignedUrlRequest);
43 }
44}
45// The key steps are:
46
47// 1. Create an S3Client object to interact with S3
48// 2. Call createBucket() to create a new S3 bucket
49// 3. Upload objects using putObject(), specifying bucket name, key, and file
50// 4. Download objects using getObject(), specifying bucket name, key, and target file
51// 5. List objects in a bucket using listObjects()
52// 6. Generate a pre-signed URL using generatePresignedUrl() by specifying bucket,
53// key, expiration date, and HTTP method.
54
55// The pre-signed URL allows temporary access to private S3 objects without requiring AWS credentials.
56// The URL is only valid until the specified expiration date/time.
s3example.py Raw
1import boto3
2from botocore.exceptions import ClientError
3
4s3 = boto3.client('s3')
5
6# Create a bucket
7bucket_name = 'my-bucket'
8location = {'LocationConstraint':'us-east-1'}
9s3.create_bucket(Bucket=bucket_name, CreateBucketConfiguration=location)
10
11# Upload an object to bucket
12filename = 'data.csv'
13object_name = 'data/data.csv'
14s3.upload_file(filename, bucket_name, object_name)
15
16# List objects in bucket
17response = s3.list_objects(Bucket=bucket_name)
18for object in response['Contents']:
19 print(object['Key'])
20
21# Download an object
22s3.download_file(bucket_name, object_name, 'data_download.csv')
23
24# Generate pre-signed URL to share an object
25url = s3.generate_presigned_url(
26 ClientMethod='get_object',
27 Params={'Bucket': bucket_name, 'Key': object_name},
28 ExpiresIn=3600)
29
30print(url)
31
32# This creates an S3 bucket, uploads a local CSV file to the bucket under object name 'data/data.csv',
33# lists all objects in the bucket, downloads the object to a local file, and generates a pre-signed URL
34# that allows temporary access to download the object for anyone with the URL.
35# The pre-signed URL expires after 3600 seconds (1 hour).
36