我一直在尝试使用AWS的“官方”命令行工具s3curl.pl来testing最近发布的多对象删除。 这是我所做的:
首先,我用一组凭证testing了s3curl.pl,没有出现问题:
$ s3curl.pl --id=s3 -- http://testbucket-0.s3.amazonaws.com/|xmllint --format - % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 884 0 884 0 0 4399 0 --:--:-- --:--:-- --:--:-- 5703 <?xml version="1.0" encoding="UTF-8"?> <ListBucketResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Name>testbucket-0</Name> <Prefix/> <Marker/> <MaxKeys>1000</MaxKeys> <IsTruncated>false</IsTruncated> <Contents> <Key>file_1</Key> <LastModified>2012-03-22T17:08:17.000Z</LastModified> <ETag>"ee0e521a76524034aaa5b331842a8b4e"</ETag> <Size>400000</Size> <Owner> <ID>e6d81ea69572270e58d3814ab674df8c8f1fd5d502669633a4951bdd5185f7f4</ID> <DisplayName>zackp</DisplayName> </Owner> <StorageClass>STANDARD</StorageClass> </Contents> <Contents> <Key>file_2</Key> <LastModified>2012-03-22T17:08:19.000Z</LastModified> <ETag>"6b32cbf8219a59690a9f69ba6ff3f590"</ETag> <Size>600000</Size> <Owner> <ID>e6d81ea69572270e58d3814ab674df8c8f1fd5d502669633a4951bdd5185f7f4</ID> <DisplayName>zackp</DisplayName> </Owner> <StorageClass>STANDARD</StorageClass> </Contents> </ListBucketResult> 然后,我遵循s3curl.pl的使用说明:
s3curl.pl --help Usage /usr/local/bin/s3curl.pl --id friendly-name (or AWSAccessKeyId) [options] -- [curl-options] [URL] options: --key SecretAccessKey id/key are AWSAcessKeyId and Secret (unsafe) --contentType text/plain set content-type header --acl public-read use a 'canned' ACL (x-amz-acl header) --contentMd5 content_md5 add x-amz-content-md5 header --put <filename> PUT request (from the provided local file) --post [<filename>] POST request (optional local file) --copySrc bucket/key Copy from this source key --createBucket [<region>] create-bucket with optional location constraint --head HEAD request --debug enable debug logging common curl options: -H 'x-amz-acl: public-read' another way of using canned ACLs -v verbose logging
然后,我尝试了以下,总是得到错误。 如果有人能指出我犯了什么错误,我会非常感激的。
$ s3curl.pl --id=s3 --post multi_delete.xml -- http://testbucket-0.s3.amazonaws.com/?delete <?xml version="1.0" encoding="UTF-8"?> <Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message><StringToSignBytes>50 4f 53 54 0a 0a 0a 54 68 75 2c 20 30 35 20 41 70 72 20 32 30 31 32 20 30 30 3a 35 30 3a 30 38 20 2b 30 30 30 30 0a 2f 7a 65 74 74 61 72 2d 74 2f 3f 64 65 6c 65 74 65</StringToSignBytes><RequestId>707FBE0EB4A571A8</RequestId><HostId>mP3ZwlPTcRqARQZd6gU4UvBrxGBNIVa0VVe5p0rqGmq5hM65RprwcG/qcXe+pmDT</HostId><SignatureProvided>edkNGuugiSFe0ku4eGzkh8kYgHw=</SignatureProvided><StringToSign>POST Thu, 05 Apr 2012 00:50:08 +0000
文件multi_delete.xml包含以下内容:
cat multi_delete.xml <?xml version="1.0" encoding="UTF-8"?> <Delete> <Quiet>true</Quiet> <Object> <Key>file_1</Key> <VersionId> </VersionId>> </Object> <Object> <Key>file_2</Key> <VersionId> </VersionId> </Object> </Delete>
谢谢你的帮助!
–Zack
这对我来说(亚马逊Linux AMI v2012.03;我们东1):
下载并提取最新的s3curl.zip
wget http://s3.amazonaws.com/doc/s3-example-code/s3-curl.zip unzip s3-curl.zip
使可执行文件
cd s3-curl chmod +x s3-curl
创build凭证文件(.s3curl):
%awsSecretAccessKeys = ( # personal account personal => { id => 'XXXXXXXXXXXXXXXXXXXX', key => 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', }, );
限制凭证权限:
chmod 600 .s3curl
创buildPOST请求正文(multidelete.xml):
<?xml version="1.0" encoding="UTF-8"?> <Delete> <Object> <Key>file1.txt</Key> </Object> <Object> <Key>file2.txt</Key> </Object> </Delete>
计算POST正文的base64编码的MD5总和:
cat multidelete.xml | openssl dgst -md5 -binary | base64 cD8Q8KTug5P8Hj7oyOW8iQ==
构造请求,并启用curl的详细显示(我已经包括上面的内联命令,而不是MD5总和本身):
./s3curl.pl --id=personal --post multidelete.xml --contentMd5 `cat multidelete.xml | openssl dgst -md5 -binary | base64` -- -v http://s3.amazonaws.com/BUCKET?delete
笔记:
尝试使用PUT(而不是POST)会导致405 Method Not Allowed :
<?xml version="1.0" encoding="UTF-8"?> <Error><Code>MethodNotAllowed</Code><Message>The specified method is not allowed against this resource.</Message><ResourceType>MULTI_OBJECT_DELETE</ResourceType><Method>PUT</Method><RequestId>XXXXXXXXXXXXXXXX</RequestId><HostId>XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX</HostId></Error>
试图在没有Content-MD5头的情况下使用POST导致400 Bad Request :
<?xml version="1.0" encoding="UTF-8"?> <Error><Code>InvalidRequest</Code><Message>Missing required header for this request: Content-MD5</Message><RequestId>XXXXXXXXXXXXXXXX</RequestId><HostId>XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX</HostId></Error>
使用hexmd5总和会导致400 Bad Request :
<?xml version="1.0" encoding="UTF-8"?> <Error><Code>InvalidDigest</Code><Message>The Content-MD5 you specified was invalid.</Message><RequestId>XXXXXXXXXXXXXXXX</RequestId><Content-MD5>703f10f0a4ee8393fc1e3ee8c8e5bc89</Content-MD5><HostId>XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX</HostId></Error>
有效的请求/响应如下所示:
./s3curl.pl --id=personal --post multidelete.xml --contentMd5 `cat multidelete.xml | openssl dgst -md5 -binary | base64` -- -v http://s3.amazonaws.com/BUCKET?delete * About to connect() to s3.amazonaws.com port 80 (#0) * Trying 72.21.194.31... connected * Connected to s3.amazonaws.com (72.21.194.31) port 80 (#0) > POST /BUCKET?delete HTTP/1.1 > User-Agent: curl/7.19.7 (i386-redhat-linux-gnu) libcurl/7.19.7 NSS/3.12.9.0 zlib/1.2.3 libidn/1.18 libssh2/1.2.2 > Host: s3.amazonaws.com > Accept: */* > Date: Thu, 05 Apr 2012 01:50:53 +0000 > Authorization: AWS XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX= > Content-MD5: cD8Q8KTug5P8Hj7oyOW8iQ== > Content-Length: 172 > Expect: 100-continue > < HTTP/1.1 100 Continue < HTTP/1.1 200 OK < x-amz-id-2: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX < x-amz-request-id: XXXXXXXXXXXXXXXX < Date: Thu, 05 Apr 2012 01:50:55 GMT < Content-Type: application/xml < Transfer-Encoding: chunked < Server: AmazonS3 < <?xml version="1.0" encoding="UTF-8"?> * Connection #0 to host s3.amazonaws.com left intact * Closing connection #0 <DeleteResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"><Deleted><Key>file1.txt</Key></Deleted><Deleted><Key>file2.txt</Key></Deleted></DeleteResult>
使用<Quiet>true</Quiet>导致从成功删除返回的以下内容:
<DeleteResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"></DeleteResult>
我可以复制您的错误消息的唯一方法是在凭证文件中使用无效的密钥。 然而,这个桶列表也没有用,不像你的。