I’m going to keep putting these tutorials in here until @oaktree makes an “ops” category just for me And I realize pretty much all of us here are in infosec in some way or another and not really “ops” people, but bear with me. All these little things are going to come in useful someday somehow. I promise.
Now, onto the post…
So tonight because of some vendor’s stupidity, I had to update the timestamps on all the objects in an S3 bucket to something less than 24h old, ie, “now”. How do I do that? No idea. But I knew I had to start with my trusty Swiss Army Knife for AWS: python3 + boto3.
Firing up boto, and python, I sketched out my short script. I knew I needed to do the following:
- Create a boto “client” object
- Enumerate all the objects in the given bucket
- For each of those objects, bump the timestamp to “now” somehow.
Steps 1 and 2 were easy. Step 3 was less clear: boto has no method to modify metadata directly. At least, none that I could find. What to do? A bit of Googling turned up a Github issue describing the use of
copy_object() pointing to the same source and dest key. It’s the boto version of
touch, sorta. It’s not documented and it’s not really obvious.
So there you have it: If you want to
touch an object in an S3 bucket, the best way to do it is to use
client.copy_object() with the same source and destination.