uzulla/oneshot_s3_permission_changer.pl

## oneshot_s3_permission_changer.pl
#!perl
# one shot s3 permission changer.
# uzulla

use strict;
use warnings;
use utf8;
use FindBin;
use Data::Dumper;
use XML::Simple;
use local::lib 'extlib';
binmode STDOUT, ":utf8";

use Amazon::S3; # https://metacpan.org/module/Amazon::S3
my $config = do "$FindBin::Bin/config.pl";
# config.pl sample
# use strict;
# +{
#     'aws_access_key_id' => 'HOGEHOGEHOEG',
#     'aws_secret_access_key' => 'HAGEHAGEHAGE',
# };

my $s3 = Amazon::S3->new({
    aws_access_key_id     => $config->{aws_access_key_id},
    aws_secret_access_key => $config->{aws_secret_access_key}
});

my $bucket = $s3->bucket('mybucket'); # Bucket name
# $bucket https://metacpan.org/module/Amazon::S3::Bucket

# get key list
my $res = $bucket->list_all
    or die $s3->err . ": " . $s3->errstr;

# do loop
for my $key (@{ $res->{keys} }) {
    my $k = $key->{key};

    unless($k=~m|^user/|){ # filter
        next;
    }

    print $k . "\n";
    my $res = $bucket->set_acl({
        acl_short => 'private', #'public-read', # ACL
        key => $k
        });
}

# permission
# private
#     Owner gets FULL_CONTROL. No one else has any access rights. This is the default.
# public-read
#     Owner gets FULL_CONTROL and the anonymous principal is granted READ access. If this policy is used on an object, it can be read from a browser with no authentication.
# public-read-write
#     Owner gets FULL_CONTROL, the anonymous principal is granted READ and WRITE access. This is a useful policy to apply to a bucket, if you intend for any anonymous user to PUT objects into the bucket.
# authenticated-read
#     Owner gets FULL_CONTROL, and any principal authenticated as a registered Amazon S3 user is granted READ access.
	#!perl
	# one shot s3 permission changer.
	# uzulla

	use strict;
	use warnings;
	use utf8;
	use FindBin;
	use Data::Dumper;
	use XML::Simple;
	use local::lib 'extlib';
	binmode STDOUT, ":utf8";

	use Amazon::S3; # https://metacpan.org/module/Amazon::S3
	my $config = do "$FindBin::Bin/config.pl";
	# config.pl sample
	# use strict;
	# +{
	# 'aws_access_key_id' => 'HOGEHOGEHOEG',
	# 'aws_secret_access_key' => 'HAGEHAGEHAGE',
	# };

	my $s3 = Amazon::S3->new({
	aws_access_key_id => $config->{aws_access_key_id},
	aws_secret_access_key => $config->{aws_secret_access_key}
	});

	my $bucket = $s3->bucket('mybucket'); # Bucket name
	# $bucket https://metacpan.org/module/Amazon::S3::Bucket

	# get key list
	my $res = $bucket->list_all
	or die $s3->err . ": " . $s3->errstr;

	# do loop
	for my $key (@{ $res->{keys} }) {
	my $k = $key->{key};

	unless($k=~m\|^user/\|){ # filter
	next;
	}

	print $k . "\n";
	my $res = $bucket->set_acl({
	acl_short => 'private', #'public-read', # ACL
	key => $k
	});
	}

	# permission
	# private
	# Owner gets FULL_CONTROL. No one else has any access rights. This is the default.
	# public-read
	# Owner gets FULL_CONTROL and the anonymous principal is granted READ access. If this policy is used on an object, it can be read from a browser with no authentication.
	# public-read-write
	# Owner gets FULL_CONTROL, the anonymous principal is granted READ and WRITE access. This is a useful policy to apply to a bucket, if you intend for any anonymous user to PUT objects into the bucket.
	# authenticated-read
	# Owner gets FULL_CONTROL, and any principal authenticated as a registered Amazon S3 user is granted READ access.