aws-sdk-s3 1.102.0 → 1.112.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -48,8 +48,14 @@ Defaults to `legacy` mode which uses the global endpoint.
48
48
  private
49
49
 
50
50
  def self.resolve_iad_regional_endpoint(cfg)
51
+ default_mode_value =
52
+ if cfg.respond_to?(:defaults_mode_config_resolver)
53
+ cfg.defaults_mode_config_resolver.resolve(:s3_us_east_1_regional_endpoint)
54
+ end
55
+
51
56
  mode = ENV['AWS_S3_US_EAST_1_REGIONAL_ENDPOINT'] ||
52
57
  Aws.shared_config.s3_us_east_1_regional_endpoint(profile: cfg.profile) ||
58
+ default_mode_value ||
53
59
  'legacy'
54
60
  mode = mode.downcase
55
61
  unless %w(legacy regional).include?(mode)
@@ -22,7 +22,9 @@ module Aws
22
22
  # S3 removes core's signature_v4 plugin that checks for this
23
23
  raise Aws::Errors::MissingRegionError if cfg.region.nil?
24
24
 
25
- Aws::Partitions::EndpointProvider.signing_region(cfg.region, 's3')
25
+ Aws::Partitions::EndpointProvider.signing_region(
26
+ cfg.region, 's3'
27
+ )
26
28
  end
27
29
 
28
30
  def add_handlers(handlers, cfg)
@@ -162,7 +164,12 @@ module Aws
162
164
 
163
165
  def custom_endpoint?(resp)
164
166
  resolved_suffix = Aws::Partitions::EndpointProvider.dns_suffix_for(
165
- resp.context.config.region
167
+ resp.context.config.region,
168
+ 's3',
169
+ {
170
+ dualstack: resp.context[:use_dualstack_endpoint],
171
+ fips: resp.context.config.use_fips_endpoint
172
+ }
166
173
  )
167
174
  !resp.context.http_request.endpoint.hostname.include?(resolved_suffix)
168
175
  end
@@ -234,12 +241,20 @@ module Aws
234
241
  # Otherwise it will retry with the ARN as the bucket name.
235
242
  def new_hostname(context, region)
236
243
  uri = URI.parse(
237
- Aws::Partitions::EndpointProvider.resolve(region, 's3')
244
+ Aws::Partitions::EndpointProvider.resolve(
245
+ region, 's3', 'regional',
246
+ {
247
+ dualstack: context[:use_dualstack_endpoint],
248
+ fips: context.config.use_fips_endpoint
249
+ }
250
+ )
238
251
  )
239
252
 
240
253
  if (arn = context.metadata[:s3_arn])
241
254
  # Retry with the response region and not the ARN resolved one
242
- ARN.resolve_url!(uri, arn[:arn], region).host
255
+ ARN.resolve_url!(
256
+ uri, arn[:arn], region, arn[:fips], arn[:dualstack]
257
+ ).host
243
258
  else
244
259
  "#{context.params[:bucket]}.#{uri.host}"
245
260
  end
@@ -176,6 +176,7 @@ module Aws
176
176
  # ```
177
177
  #
178
178
  class PresignedPost
179
+ @@allowed_fields = []
179
180
 
180
181
  # @param [Credentials] credentials Security credentials for signing
181
182
  # the post policy.
@@ -247,7 +248,12 @@ module Aws
247
248
  case option_name
248
249
  when :allow_any then allow_any(option_value)
249
250
  when :signature_expiration then @signature_expiration = option_value
250
- else send("#{option_name}", option_value)
251
+ else
252
+ if @@allowed_fields.include?(option_name)
253
+ send("#{option_name}", option_value)
254
+ else
255
+ raise ArgumentError, "Unsupported option: #{option_name}"
256
+ end
251
257
  end
252
258
  end
253
259
  end
@@ -279,17 +285,23 @@ module Aws
279
285
  end
280
286
 
281
287
  # @api private
282
- def self.define_field(field, *args)
288
+ def self.define_field(field, *args, &block)
289
+ @@allowed_fields << field
283
290
  options = args.last.is_a?(Hash) ? args.pop : {}
284
291
  field_name = args.last || field.to_s
285
292
 
286
- define_method("#{field}") do |value|
287
- with(field_name, value)
288
- end
293
+ if block_given?
294
+ define_method("#{field}", block)
295
+ else
296
+ define_method("#{field}") do |value|
297
+ with(field_name, value)
298
+ end
289
299
 
290
- if options[:starts_with]
291
- define_method("#{field}_starts_with") do |value|
292
- starts_with(field_name, value)
300
+ if options[:starts_with]
301
+ @@allowed_fields << "#{field}_starts_with".to_sym
302
+ define_method("#{field}_starts_with") do |value|
303
+ starts_with(field_name, value)
304
+ end
293
305
  end
294
306
  end
295
307
  end
@@ -307,7 +319,7 @@ module Aws
307
319
  # @param [String] key
308
320
  # @see http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html)
309
321
  # @return [self]
310
- def key(key)
322
+ define_field(:key) do |key|
311
323
  @key_set = true
312
324
  with('key', key)
313
325
  end
@@ -316,7 +328,7 @@ module Aws
316
328
  # @param [String] prefix
317
329
  # @see #key
318
330
  # @return [self]
319
- def key_starts_with(prefix)
331
+ define_field(:key_starts_with) do |prefix|
320
332
  @key_set = true
321
333
  starts_with('key', prefix)
322
334
  end
@@ -399,21 +411,21 @@ module Aws
399
411
  # @param [Time] time
400
412
  # @see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.21
401
413
  # @return [self]
402
- def expires(time)
414
+ define_field(:expires) do |time|
403
415
  with('Expires', time.httpdate)
404
416
  end
405
417
 
406
418
  # @param [String] prefix
407
419
  # @see #expires
408
420
  # @return [self]
409
- def expires_starts_with(prefix)
421
+ define_field(:expires_starts_with) do |prefix|
410
422
  starts_with('Expires', prefix)
411
423
  end
412
424
 
413
425
  # The minimum and maximum allowable size for the uploaded content.
414
426
  # @param [Range<Integer>] byte_range
415
427
  # @return [self]
416
- def content_length_range(byte_range)
428
+ define_field(:content_length_range) do |byte_range|
417
429
  min = byte_range.begin
418
430
  max = byte_range.end
419
431
  max -= 1 if byte_range.exclude_end?
@@ -492,7 +504,7 @@ module Aws
492
504
  # prefixed with "x-amz-meta-".
493
505
  # @param [Hash<String,String>] hash
494
506
  # @return [self]
495
- def metadata(hash)
507
+ define_field(:metadata) do |hash|
496
508
  hash.each do |key, value|
497
509
  with("x-amz-meta-#{key}", value)
498
510
  end
@@ -503,7 +515,7 @@ module Aws
503
515
  # @param [Hash<String,String>] hash
504
516
  # @see #metadata
505
517
  # @return [self]
506
- def metadata_starts_with(hash)
518
+ define_field(:metadata_starts_with) do |hash|
507
519
  hash.each do |key, value|
508
520
  starts_with("x-amz-meta-#{key}", value)
509
521
  end
@@ -561,7 +573,7 @@ module Aws
561
573
  # @param [String] value
562
574
  # @see #server_side_encryption_customer_algorithm
563
575
  # @return [self]
564
- def server_side_encryption_customer_key(value)
576
+ define_field(:server_side_encryption_customer_key) do |value|
565
577
  field_name = 'x-amz-server-side-encryption-customer-key'
566
578
  with(field_name, base64(value))
567
579
  with(field_name + '-MD5', base64(OpenSSL::Digest::MD5.digest(value)))
@@ -570,7 +582,7 @@ module Aws
570
582
  # @param [String] prefix
571
583
  # @see #server_side_encryption_customer_key
572
584
  # @return [self]
573
- def server_side_encryption_customer_key_starts_with(prefix)
585
+ define_field(:server_side_encryption_customer_key_starts_with) do |prefix|
574
586
  field_name = 'x-amz-server-side-encryption-customer-key'
575
587
  starts_with(field_name, prefix)
576
588
  end
@@ -49,6 +49,7 @@ module Aws::S3
49
49
  # grant_write: "GrantWrite",
50
50
  # grant_write_acp: "GrantWriteACP",
51
51
  # object_lock_enabled_for_bucket: false,
52
+ # object_ownership: "BucketOwnerPreferred", # accepts BucketOwnerPreferred, ObjectWriter, BucketOwnerEnforced
52
53
  # })
53
54
  # @param [Hash] options ({})
54
55
  # @option options [String] :acl
@@ -74,6 +75,23 @@ module Aws::S3
74
75
  # @option options [Boolean] :object_lock_enabled_for_bucket
75
76
  # Specifies whether you want S3 Object Lock to be enabled for the new
76
77
  # bucket.
78
+ # @option options [String] :object_ownership
79
+ # The container element for object ownership for a bucket's ownership
80
+ # controls.
81
+ #
82
+ # BucketOwnerPreferred - Objects uploaded to the bucket change ownership
83
+ # to the bucket owner if the objects are uploaded with the
84
+ # `bucket-owner-full-control` canned ACL.
85
+ #
86
+ # ObjectWriter - The uploading account will own the object if the object
87
+ # is uploaded with the `bucket-owner-full-control` canned ACL.
88
+ #
89
+ # BucketOwnerEnforced - Access control lists (ACLs) are disabled and no
90
+ # longer affect permissions. The bucket owner automatically owns and has
91
+ # full control over every object in the bucket. The bucket only accepts
92
+ # PUT requests that don't specify an ACL or bucket owner full control
93
+ # ACLs, such as the `bucket-owner-full-control` canned ACL or an
94
+ # equivalent form of this ACL expressed in the XML format.
77
95
  # @return [Bucket]
78
96
  def create_bucket(options = {})
79
97
  @client.create_bucket(options)