You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It’s nice that the API offers a simple method for checking if a bucket exists. However, the implementation of client.bucket_exists() isn’t great. I have an IAM user that has access to AWS S3 and I can list buckets just fine but when calling client.bucket_exists() I get access denied. The reason for this is that under the hood client.bucket_exists() calls self.get_region().
Another reason why calling self.get_region() isn’t a great way of checking if a bucket exists is that the client caches this information locally (which makes sense for other use cases). This means that if the bucket gets deleted while the client object is still alive, client.bucket_exists() will still return true. Of course this will be very rare in practice, you don’t delete buckets that often, but it’s still not the best design.
The text was updated successfully, but these errors were encountered:
It’s nice that the API offers a simple method for checking if a bucket exists. However, the implementation of
client.bucket_exists()isn’t great. I have an IAM user that has access to AWS S3 and I can list buckets just fine but when callingclient.bucket_exists()I get access denied. The reason for this is that under the hoodclient.bucket_exists()callsself.get_region().minio-rs/src/s3/client.rs
Line 598 in 8fb211a
According to the AWS documentation, you have to provide the ID for the bucket owner in order to be allowed to perform this operation. If the provided ID doesn’t match the bucket owner, you get access denied.
https://stackoverflow.com/questions/55195343/aws-s3-access-denied-when-getting-bucket-location
https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLocation.html#API_GetBucketLocation_RequestSyntax
This makes getting the region an impractical way of checking if a bucket exists.
Another reason why calling
self.get_region()isn’t a great way of checking if a bucket exists is that the client caches this information locally (which makes sense for other use cases). This means that if the bucket gets deleted while the client object is still alive,client.bucket_exists()will still return true. Of course this will be very rare in practice, you don’t delete buckets that often, but it’s still not the best design.The text was updated successfully, but these errors were encountered: