文件 AWS 開發套件範例 GitHub 儲存庫中有更多可用的 [AWS SDK 範例](https://github.com/awsdocs/aws-doc-sdk-examples)。
本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。
# `GetBucketPolicy` 搭配 AWS SDK 或 CLI 使用
下列程式碼範例示範如何使用 `GetBucketPolicy`。
------
#### [ C\$1\$1 ]
**適用於 C\$1\$1 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/s3#code-examples)中設定和執行。
```
bool AwsDoc::S3::getBucketPolicy(const Aws::String &bucketName,
const Aws::S3::S3ClientConfiguration &clientConfig) {
Aws::S3::S3Client s3Client(clientConfig);
Aws::S3::Model::GetBucketPolicyRequest request;
request.SetBucket(bucketName);
Aws::S3::Model::GetBucketPolicyOutcome outcome =
s3Client.GetBucketPolicy(request);
if (!outcome.IsSuccess()) {
const Aws::S3::S3Error &err = outcome.GetError();
std::cerr << "Error: getBucketPolicy: "
<< err.GetExceptionName() << ": " << err.GetMessage() << std::endl;
} else {
Aws::StringStream policy_stream;
Aws::String line;
outcome.GetResult().GetPolicy() >> line;
policy_stream << line;
std::cout << "Retrieve the policy for bucket '" << bucketName << "':\n\n" <<
policy_stream.str() << std::endl;
}
return outcome.IsSuccess();
}
```
+ 如需 API 詳細資訊,請參閱*《適用於 C\$1\$1 的 AWS SDK API 參考》*中的 [GetBucketPolicy](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/GetBucketPolicy)。
------
#### [ CLI ]
**AWS CLI**
下列命令會擷取名為 `amzn-s3-demo-bucket` 之儲存貯體的儲存貯體政策:
```
aws s3api get-bucket-policy --bucket amzn-s3-demo-bucket
```
輸出:
```
{
"Policy": "{\"Version\":\"2008-10-17\",\"Statement\":[{\"Sid\":\"\",\"Effect\":\"Allow\",\"Principal\":\"*\",\"Action\":\"s3:GetObject\",\"Resource\":\"arn:aws:s3:::amzn-s3-demo-bucket/*\"},{\"Sid\":\"\",\"Effect\":\"Deny\",\"Principal\":\"*\",\"Action\":\"s3:GetObject\",\"Resource\":\"arn:aws:s3:::amzn-s3-demo-bucket/secret/*\"}]}"
}
```
取得並放置儲存貯體政策。下列範例示範如何下載 Amazon S3 儲存貯體政策、修改檔案,然後使用 `put-bucket-policy` 套用修改過的儲存貯體政策。若要將儲存貯體政策下載至檔案,您可以執行:
```
aws s3api get-bucket-policy --bucket amzn-s3-demo-bucket --query Policy --output text > policy.json
```
然後視需要修改 `policy.json` 檔案。最後,您可以執行下列動作,將此修改後的政策套用回 S3 儲存貯體:
`policy.json` 檔案 (視需要)。最後,您可以執行下列動作,將此修改後的政策套用回 S3 儲存貯體:
檔案 (視需要)。最後,您可以執行下列動作,將此修改後的政策套用回 S3 儲存貯體:
```
aws s3api put-bucket-policy --bucket amzn-s3-demo-bucket --policy file://policy.json
```
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [GetBucketPolicy](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/s3api/get-bucket-policy.html)。
------
#### [ Java ]
**SDK for Java 2.x**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/s3#code-examples)中設定和執行。
```
import software.amazon.awssdk.services.s3.model.S3Exception;
import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.s3.S3Client;
import software.amazon.awssdk.services.s3.model.GetBucketPolicyRequest;
import software.amazon.awssdk.services.s3.model.GetBucketPolicyResponse;
/**
* Before running this Java V2 code example, set up your development
* environment, including your credentials.
*
* For more information, see the following documentation topic:
*
* https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html
*/
public class GetBucketPolicy {
public static void main(String[] args) {
final String usage = """
Usage:
Where:
bucketName - The Amazon S3 bucket to get the policy from.
""";
if (args.length != 1) {
System.out.println(usage);
System.exit(1);
}
String bucketName = args[0];
System.out.format("Getting policy for bucket: \"%s\"\n\n", bucketName);
Region region = Region.US_EAST_1;
S3Client s3 = S3Client.builder()
.region(region)
.build();
String polText = getPolicy(s3, bucketName);
System.out.println("Policy Text: " + polText);
s3.close();
}
/**
* Retrieves the policy for the specified Amazon S3 bucket.
*
* @param s3 the {@link S3Client} instance to use for making the request
* @param bucketName the name of the S3 bucket for which to retrieve the policy
* @return the policy text for the specified bucket, or an empty string if an error occurs
*/
public static String getPolicy(S3Client s3, String bucketName) {
String policyText;
System.out.format("Getting policy for bucket: \"%s\"\n\n", bucketName);
GetBucketPolicyRequest policyReq = GetBucketPolicyRequest.builder()
.bucket(bucketName)
.build();
try {
GetBucketPolicyResponse policyRes = s3.getBucketPolicy(policyReq);
policyText = policyRes.policy();
return policyText;
} catch (S3Exception e) {
System.err.println(e.awsErrorDetails().errorMessage());
System.exit(1);
}
return "";
}
}
```
+ 如需 API 詳細資訊,請參閱*《AWS SDK for Java 2.x API 參考》*中的 [GetBucketPolicy](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/GetBucketPolicy)。
------
#### [ JavaScript ]
**適用於 JavaScript (v3) 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/s3#code-examples)中設定和執行。
取得儲存貯體政策。
```
import {
GetBucketPolicyCommand,
S3Client,
S3ServiceException,
} from "@aws-sdk/client-s3";
/**
* Logs the policy for a specified bucket.
* @param {{ bucketName: string }}
*/
export const main = async ({ bucketName }) => {
const client = new S3Client({});
try {
const { Policy } = await client.send(
new GetBucketPolicyCommand({
Bucket: bucketName,
}),
);
console.log(`Policy for "${bucketName}":\n${Policy}`);
} catch (caught) {
if (
caught instanceof S3ServiceException &&
caught.name === "NoSuchBucket"
) {
console.error(
`Error from S3 while getting policy from ${bucketName}. The bucket doesn't exist.`,
);
} else if (caught instanceof S3ServiceException) {
console.error(
`Error from S3 while getting policy from ${bucketName}. ${caught.name}: ${caught.message}`,
);
} else {
throw caught;
}
}
};
```
+ 如需詳細資訊,請參閱《[適用於 JavaScript 的 AWS SDK 開發人員指南](https://docs.aws.amazon.com/sdk-for-javascript/v3/developer-guide/s3-example-bucket-policies.html#s3-example-bucket-policies-get-policy)》。
+ 如需 API 詳細資訊,請參閱*《適用於 JavaScript 的 AWS SDK API 參考》*中的 [GetBucketPolicy](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/s3/command/GetBucketPolicyCommand)。
------
#### [ Kotlin ]
**適用於 Kotlin 的 SDK**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/s3#code-examples)中設定和執行。
```
suspend fun getPolicy(bucketName: String): String? {
println("Getting policy for bucket $bucketName")
val request =
GetBucketPolicyRequest {
bucket = bucketName
}
S3Client.fromEnvironment { region = "us-east-1" }.use { s3 ->
val policyRes = s3.getBucketPolicy(request)
return policyRes.policy
}
}
```
+ 如需 API 詳細資訊,請參閱*《適用於 Kotlin 的AWS SDK API 參考》*中的 [GetBucketPolicy](https://sdk.amazonaws.com/kotlin/api/latest/index.html)。
------
#### [ PowerShell ]
**Tools for PowerShell V4**
**範例 1:此命令會輸出與給定 S3 儲存貯體相關聯的儲存貯體政策。**
```
Get-S3BucketPolicy -BucketName 'amzn-s3-demo-bucket'
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V4)》**中的 [GetBucketPolicy](https://docs.aws.amazon.com/powershell/v4/reference)。
**Tools for PowerShell V5**
**範例 1:此命令會輸出與給定 S3 儲存貯體相關聯的儲存貯體政策。**
```
Get-S3BucketPolicy -BucketName 'amzn-s3-demo-bucket'
```
+ 如需 API 詳細資訊,請參閱《AWS Tools for PowerShell Cmdlet 參考 (V5)》**中的 [GetBucketPolicy](https://docs.aws.amazon.com/powershell/v5/reference)。
------
#### [ Python ]
**適用於 Python 的 SDK (Boto3)**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/s3/s3_basics#code-examples)中設定和執行。
```
class BucketWrapper:
"""Encapsulates S3 bucket actions."""
def __init__(self, bucket):
"""
:param bucket: A Boto3 Bucket resource. This is a high-level resource in Boto3
that wraps bucket actions in a class-like structure.
"""
self.bucket = bucket
self.name = bucket.name
def get_policy(self):
"""
Get the security policy of the bucket.
:return: The security policy of the specified bucket, in JSON format.
"""
try:
policy = self.bucket.Policy()
logger.info(
"Got policy %s for bucket '%s'.", policy.policy, self.bucket.name
)
except ClientError:
logger.exception("Couldn't get policy for bucket '%s'.", self.bucket.name)
raise
else:
return json.loads(policy.policy)
```
+ 如需 API 詳細資訊,請參閱*《適用於 Python (Boto3) 的AWS SDK API 參考》*中的 [GetBucketPolicy](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/GetBucketPolicy)。
------
#### [ Ruby ]
**SDK for Ruby**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/ruby/example_code/s3#code-examples)中設定和執行。
```
# Wraps an Amazon S3 bucket policy.
class BucketPolicyWrapper
attr_reader :bucket_policy
# @param bucket_policy [Aws::S3::BucketPolicy] A bucket policy object configured with an existing bucket.
def initialize(bucket_policy)
@bucket_policy = bucket_policy
end
# Gets the policy of a bucket.
#
# @return [Aws::S3::GetBucketPolicyOutput, nil] The current bucket policy.
def policy
policy = @bucket_policy.data.policy
policy.respond_to?(:read) ? policy.read : policy
rescue Aws::Errors::ServiceError => e
puts "Couldn't get the policy for #{@bucket_policy.bucket.name}. Here's why: #{e.message}"
nil
end
end
```
+ 如需 API 詳細資訊,請參閱*《適用於 Ruby 的 AWS SDK API 參考》*中的 [GetBucketPolicy](https://docs.aws.amazon.com/goto/SdkForRubyV3/s3-2006-03-01/GetBucketPolicy)。
------
#### [ SAP ABAP ]
**適用於 SAP ABAP 的開發套件**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/s3#code-examples)中設定和執行。
```
TRY.
oo_result = lo_s3->getbucketpolicy( " oo_result is returned for testing purposes. "
iv_bucket = iv_bucket_name ).
DATA(lv_policy) = oo_result->get_policy( ).
MESSAGE 'Retrieved bucket policy.' TYPE 'I'.
CATCH /aws1/cx_s3_nosuchbucket.
MESSAGE 'Bucket does not exist.' TYPE 'E'.
ENDTRY.
```
+ 如需 API 詳細資訊,請參閱《適用於 *AWS SAP ABAP 的 SDK API 參考*》中的 [GetBucketPolicy](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)。
------