-
-
Notifications
You must be signed in to change notification settings - Fork 382
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
writing to S3 requires unnecessary permissions #314
Labels
Comments
It looks like this code was added to fix issue #154 so I tried to write to a bucket that doesn't exist to see if smart_open tried to create it implicitly (which I agree would be bad). It didn't try to create the bucket so lines 425-428 may no longer be necessary:
|
caboteria
pushed a commit
to Affectiva/smart_open
that referenced
this issue
May 17, 2019
This is about piskvorky#314 This code caused problems when you have write permission to an s3 bucket path but not read permission to the bucket root. This code was added to prevent implicit bucket creation (to fix issue 154) but it appears that it is no longer needed.
caboteria
pushed a commit
to Affectiva/smart_open
that referenced
this issue
May 18, 2019
This is about piskvorky#314 This code caused problems when you have write permission to an s3 bucket path but not read permission to the bucket root. This code was added to prevent implicit bucket creation (to fix issue 154) but it appears that it is no longer needed.
caboteria
pushed a commit
to Affectiva/smart_open
that referenced
this issue
May 18, 2019
This is about piskvorky#314 This code caused problems when you have write permission to an s3 bucket path but not read permission to the bucket root. This code was added to prevent implicit bucket creation (to fix issue 154) but it appears that it is no longer needed.
mpenkov
pushed a commit
that referenced
this issue
May 18, 2019
This is about #314 This code caused problems when you have write permission to an s3 bucket path but not read permission to the bucket root. This code was added to prevent implicit bucket creation (to fix issue 154) but it appears that it is no longer needed.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I'm trying to write to an S3 bucket for which I have permission to write to a path in the bucket, but I don't have permission to list the root of the bucket, which is a fairly common use case when using S3 to transfer files to/from multiple organizations in the same bucket. The write fails because of a check on line 426 of s3.py: it tries a head_bucket operation which requires[1] the ListBucket permission, which isn't really needed to write an object.
Commenting out lines 425-428 allows the write to succeed since it no longer does any operations in the root of the bucket.
[1] https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketHEAD.html
The text was updated successfully, but these errors were encountered: