boto3 copy vs copy_object regarding file permission ACL in s3


After I copied an object to the same bucket with a different key and prefix(It is similar to renaming, I believe), its public-read permission is removed.

When I tried to open the file on a browser using the link found on s3. And, I realized that on the permission tab, it doesn’t have public-read permission while the original file has.

2 questions:
i) Is is possible to maintain the ACL permission when I use
copy(CopySource, Bucket, Key, ExtraArgs=None, Callback=None, SourceClient=None, Config=None)

ii) What are the ExtraArgs that I can set? The document doesn’t mention anything.


This is not the exact answer that I want but it seems to work for now.

I am not sure how to maintain the permission but I can manually set it to public-read or other types that I need it to be.

This are the possible values from boto3 copy_object:

Then, I realized it needs more permission to perform this action. I am not sure which permission it actually needs now but I get these errors:
i) An error occurred (AccessDenied) when calling the CopyObject operation: Access Denied.
ii) An error occurred (AccessDenied) when calling the CreateMultipartUpload operation: Access Denied.

It works after I added “s3:PutObjectAcl” policy.

Leave a Reply