Menu
I have very simple script that downloads a file from a bucket. The file is leveraging KMS encrypted keys, my policies and roles are setup correctly but I still get an error.
Code
#!/usr/bin/env python
import boto3
s3_client = boto3.client('s3')
s3_client.download_file('testtesttest', 'test.txt', '/tmp/test.txt')
Error
Traceback (most recent call last):
File "./getfile.py", line 4, in <module>
s3_client.download_file('testtesttest', 'test.txt', '/tmp/test.txt')
File "/usr/local/lib/python2.7/dist-packages/boto3/s3/inject.py", line 91, in download_file
extra_args=ExtraArgs, callback=Callback)
File "/usr/local/lib/python2.7/dist-packages/boto3/s3/transfer.py", line 659, in download_file
extra_args, callback)
File "/usr/local/lib/python2.7/dist-packages/boto3/s3/transfer.py", line 674, in _download_file
self._get_object(bucket, key, filename, extra_args, callback)
File "/usr/local/lib/python2.7/dist-packages/boto3/s3/transfer.py", line 698, in _get_object
extra_args, callback)
File "/usr/local/lib/python2.7/dist-packages/boto3/s3/transfer.py", line 712, in _do_get_object
**extra_args)
File "/usr/local/lib/python2.7/dist-packages/botocore/client.py", line 301, in _api_call
return self._make_api_call(operation_name, kwargs)
File "/usr/local/lib/python2.7/dist-packages/botocore/client.py", line 386, in _make_api_call
raise ClientError(parsed_response, operation_name)
botocore.exceptions.ClientError: An error occurred (InvalidArgument) when calling the GetObject operation: Requests specifying Server Side Encryption with AWS KMS managed keys require AWS Signature Version 4.
660
Boto3 can be used to directly interact with AWS resources from Python scripts. Boto3’s S3 API doesn’t have any method to download all of the files from your S3 bucket at once. In this tutorial, we will look at how we can use the Boto3 library to download all the files from your S3 bucket.
AWS Boto3 is the Python SDK for AWS. Boto3 can be used to directly interact with AWS resources from Python scripts. Boto3’s S3 API doesn’t have any method to download all of the files from your S3 bucket at once.
You don’t need to specify the AWS KMS key ID when you download an SSE-KMS-encrypted object from an S3 bucket. Instead, you need the permission to decrypt the AWS KMS key.
The download_filemethod accepts the names of the bucket and object to download and the filename to save the file to. importboto3s3=boto3.client('s3')s3.download_file('BUCKET_NAME','OBJECT_NAME','FILE_NAME') The download_fileobjmethod accepts a writeable file-like object. The file object must be opened in binary mode, not text mode.
Figured it out
Code
#!/usr/bin/env python
import boto3
from botocore.client import Config
s3_client = boto3.client('s3', config=Config(signature_version='s3v4'))
s3_client.download_file('testtesttest', 'test.txt', '/tmp/test.txt')
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With