【发布时间】:2017-02-03 19:46:44
【问题描述】:
我有一个非常简单的脚本,可以从存储桶中下载文件。该文件使用 KMS 加密密钥,我的策略和角色设置正确,但我仍然收到错误消息。
代码
#!/usr/bin/env python
import boto3
s3_client = boto3.client('s3')
s3_client.download_file('testtesttest', 'test.txt', '/tmp/test.txt')
错误
Traceback (most recent call last):
File "./getfile.py", line 4, in <module>
s3_client.download_file('testtesttest', 'test.txt', '/tmp/test.txt')
File "/usr/local/lib/python2.7/dist-packages/boto3/s3/inject.py", line 91, in download_file
extra_args=ExtraArgs, callback=Callback)
File "/usr/local/lib/python2.7/dist-packages/boto3/s3/transfer.py", line 659, in download_file
extra_args, callback)
File "/usr/local/lib/python2.7/dist-packages/boto3/s3/transfer.py", line 674, in _download_file
self._get_object(bucket, key, filename, extra_args, callback)
File "/usr/local/lib/python2.7/dist-packages/boto3/s3/transfer.py", line 698, in _get_object
extra_args, callback)
File "/usr/local/lib/python2.7/dist-packages/boto3/s3/transfer.py", line 712, in _do_get_object
**extra_args)
File "/usr/local/lib/python2.7/dist-packages/botocore/client.py", line 301, in _api_call
return self._make_api_call(operation_name, kwargs)
File "/usr/local/lib/python2.7/dist-packages/botocore/client.py", line 386, in _make_api_call
raise ClientError(parsed_response, operation_name)
botocore.exceptions.ClientError: An error occurred (InvalidArgument) when calling the GetObject operation: Requests specifying Server Side Encryption with AWS KMS managed keys require AWS Signature Version 4.
【问题讨论】:
-
未来读者请注意:'s3v4' 是默认值,因此您无需明确指定它,除非它是从某个配置文件或环境中获取的。签到
boto3.client('s3').meta.config.signature_version。
标签: python amazon-web-services amazon-s3 boto