RMish
Reputation: 151
How to put the objectacl by not wiping the current ACL
I am using the below line of codes, however the ACL of only 'owner-account' is applied and the one with 'child-account' doesn't get applied. how to get this fixed. this is more a question related to dictionary I guess..Any help is appreciated.
import json import boto3 import logging
def lambda_handler(event, context): s3 = boto3.resource('s3')
object_acl = s3.ObjectAcl('bucket_name','bucket_key')
response = object_acl.put(
AccessControlPolicy={
'Grants': [
{
'Grantee': {
'ID':'child-account',
'Type': 'CanonicalUser'
},
'Grantee': {
'ID':'owner-account',
'Type': 'CanonicalUser'
},
'Permission': 'FULL_CONTROL'
},
],
'Owner': {
'ID': 'ssm-service-internal-account'
}
})
print(response)
Upvotes: 0
Views: 53
Answers (1)
jellycsc
Reputation: 12259
The dictionary structure is wrong. It should be like this
AccessControlPolicy={
'Grants': [
{
'Grantee': {
'ID':'child-account',
'Type': 'CanonicalUser'
},
'Permission': 'FULL_CONTROL'
},
{
'Grantee': {
'ID':'owner-account',
'Type': 'CanonicalUser'
},
'Permission': 'FULL_CONTROL'
}
],
'Owner': {
'ID': 'ssm-service-internal-account'
}
})
Upvotes: 1
Related Questions
- Setting specific permission in amazon s3 boto bucket
- How can I stop ACL config being removed when overwriting an object in S3?
- boto3 : Create a S3 bucket with ACLs disabled
- Changing ACLs of objects in an S3 bucket using Boto3
- Python Boto3 update/overwrite object in S3 bucket
- How can i create bucket and objects with not public access using boto3 in aws?
- How can I assign bucket-owner-full-control when creating an S3 object with boto3?
- Python boto3 set lificycle on objects
- boto3 put_object with new key python
- Add permission to a S3 object in AWS using Python and boto3