Last active
December 15, 2015 20:28
-
-
Save uzulla/5318378 to your computer and use it in GitHub Desktop.
One shot S3 permission changer.
一括でS3 のオブジェクトのパーミッションを変更するスクリプト。
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!perl | |
# one shot s3 permission changer. | |
# uzulla | |
use strict; | |
use warnings; | |
use utf8; | |
use FindBin; | |
use Data::Dumper; | |
use XML::Simple; | |
use local::lib 'extlib'; | |
binmode STDOUT, ":utf8"; | |
use Amazon::S3; # https://metacpan.org/module/Amazon::S3 | |
my $config = do "$FindBin::Bin/config.pl"; | |
# config.pl sample | |
# use strict; | |
# +{ | |
# 'aws_access_key_id' => 'HOGEHOGEHOEG', | |
# 'aws_secret_access_key' => 'HAGEHAGEHAGE', | |
# }; | |
my $s3 = Amazon::S3->new({ | |
aws_access_key_id => $config->{aws_access_key_id}, | |
aws_secret_access_key => $config->{aws_secret_access_key} | |
}); | |
my $bucket = $s3->bucket('mybucket'); # Bucket name | |
# $bucket https://metacpan.org/module/Amazon::S3::Bucket | |
# get key list | |
my $res = $bucket->list_all | |
or die $s3->err . ": " . $s3->errstr; | |
# do loop | |
for my $key (@{ $res->{keys} }) { | |
my $k = $key->{key}; | |
unless($k=~m|^user/|){ # filter | |
next; | |
} | |
print $k . "\n"; | |
my $res = $bucket->set_acl({ | |
acl_short => 'private', #'public-read', # ACL | |
key => $k | |
}); | |
} | |
# permission | |
# private | |
# Owner gets FULL_CONTROL. No one else has any access rights. This is the default. | |
# public-read | |
# Owner gets FULL_CONTROL and the anonymous principal is granted READ access. If this policy is used on an object, it can be read from a browser with no authentication. | |
# public-read-write | |
# Owner gets FULL_CONTROL, the anonymous principal is granted READ and WRITE access. This is a useful policy to apply to a bucket, if you intend for any anonymous user to PUT objects into the bucket. | |
# authenticated-read | |
# Owner gets FULL_CONTROL, and any principal authenticated as a registered Amazon S3 user is granted READ access. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
ACL変更時のエラーチェックしてないし、パラレル処理もしてない(死