I'm using the amazon-s3-php-class
to help me upload files to Amazon's S3. After I upload the file, i noti开发者_如何学编程ced that Everyone can download it if they type the url https://url.com/mybucket/filename.file
.
I can manually restrict access by using the AWS console to turn off Open/Download to the user Everyone.
How do I do this with programatically with amazon-s3-php-class
? The following code did not do anything:
$s3 = new S3($AZ_KEY_ID, $AZ_KEY_SECRET);
$acp = array("acl"=>array());
$acp["acl"][] = array(
"type" => "Everyone", "uri" => "https://url.com/mybucket/filename.file", "permission" => ""
);
$s3->setAccessControlPolicy("mybucket", "https://url.com/mybucket/filename.file", $acp);
What's wrong with my code?
With the new AWS SDK V3 changing ACL permissions is really easy:
$s3->putObjectAcl([
'Bucket' => 'myBucketName',
'Key' => 'myFileName',
'ACL' => 'private'
]);
ACL can be one of these value 'ACL' => 'private|public-read|public-read-write|authenticated-read|aws-exec-read|bucket-owner-read|bucket-owner-full-control',
$s3 = new S3($AZ_KEY_ID, $AZ_KEY_SECRET);
$acp = $s3->getAccessControlPolicy('mybucket', 'filename.file');
foreach($acp['acl'] as $key => $val) {
if(isset($val['uri']) &&
$val['uri'] == 'http://acs.amazonaws.com/groups/global/AllUsers')
unset($acp['acl'][$key]);
}
$s3->setAccessControlPolicy('mybucket', 'filename.file', $acp)
In function getAccessControlPolicy
and setAccessControlPolicy
, uri
should be the path related to bucket.
AllUsers equals Everyone at AWS console.
Or you can set private acl to an object, when inserting it to S3.
$s3->putObjectFile($uploadFile, 'mybucket', 'filename.file', S3::ACL_PRIVATE)
精彩评论