Introduction to ACLs of Key on S3
Many times when you need to change the access control list (ACL) of a key on the S3 to make it public to private or private to public. This is easy as we provide this control at the time when we are putting an object on S3. But if we already have a private folder on S3 and we need to convert it manually and each folder is above 10 GB or 20 GB or 50 GB then this is a time-consuming task that might take weeks or months.
Python3 script to reduce manual efforts
Below I have written this python3 script which will reduce your manual efforts and also save you a lot of time. This script is required to have a boto3 (https://boto3.amazonaws.com/v1/documentation/api/latest/guide/quickstart.html) and logging library.
Use these two commands on your machine before running the script:
pip install boto3
pip install logging
- Then you need to make log file and get its path e.g. script.log at /var/www/html/scriptFolder
Save below script in with .py extension e.g conversion.py
from datetime import datetime, timedelta;
ACCESS_KEY_ID = 'aws_access_key'
ACCESS_SECRET_KEY = 'aws_secret_key'
BUCKET_NAME = 'bucket-name'
client = boto3.client(
success =  noUser =  pvtObjects = [925,926,929,2080,1321,1078,1067] # array of folders names => if number then directly pass as above variable and if string then in this format ['test','test123'] for pvtObject in pvtObjects:
response = client.list_objects(Bucket=BUCKET_NAME, Prefix =str(pvtObject)+'/')
if('Contents' in response):
for pvtObjectInner in response['Contents']:
logging.info(datetime.now().strftime("%d-%b-%Y %I:%M:%S %P :")+'File '+str(pvtObject)+'/'+' done')
successStr = str(success).strip('') if len(success) > 0 else '0'
errStr = str(noUser).strip('') if len(noUser) > 0 else '0'
logging.info(datetime.now().strftime("%d-%b-%Y %I:%M:%S %P :")+'End of coversion completed: success '+successStr+' error '+errStr)
- You can run this script using python3 conversion.py if you want to run it in the background then use python3 conversion.py & disown. This starts converting your file ACL to public