我想将文件从GCS传输到S3。测试我的连接的第一个运算符(S3KeySensor)效果很好。但不幸的是,第二个错误(GoogleCloudStorageToS3Operator)出现错误: S3错误“调用ListObjectsV2操作时发生错误(AccessDenied):访问被拒绝”。
# test
sensor = S3KeySensor(
task_id='check_s3_for_file_in_s3',
bucket_key='folder1/folder2/*',
wildcard_match=True,
bucket_name='test.mydomain.com',
aws_conn_id='aws_connection',
timeout=18*60*60,
poke_interval=120,
dag=dag)
impressions_from_gcs_to_s3 = GoogleCloudStorageToS3Operator(
task_id='impressions_from_gcs_to_s3',
bucket="mygcsbucket",
delimiter=filename,
google_cloud_storage_conn_id="google_cloud_storage_default",
dest_aws_conn_id="aws_connection",
dest_s3_key="s3://test.mydomain.com/folder1/folder2/",
dag=dag,
)
我不确定该怎么解决。
答案 0 :(得分:0)
这发生在我身上,您需要为此 dag 的执行角色添加策略。 如果您需要在存储桶中添加或删除对象,我会为您提供一个示例:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"s3:PutObject",
"s3:GetObjectAcl",
"s3:GetObject",
"s3:PutBucketPolicy",
"s3:DeleteObject",
"s3:PutObjectAcl",
"s3:ListBucket"
],
"Resource": [
"arn:aws:s3:::my-bucket-a/*","arn:aws:s3:::my-bucket-a",
.
.
.
"arn:aws:s3:::my-bucket-n/*","arn:aws:s3:::my-bucket-n"
]
}
]
}