RubyGems - aws-sdk-s3 - Versions diffs - 1.75.0 - Mend

aws-sdk-s3 1.75.0

Files changed (91) hide show

checksums.yaml +7 -0
data/lib/aws-sdk-s3.rb +73 -0
data/lib/aws-sdk-s3/bucket.rb +861 -0
data/lib/aws-sdk-s3/bucket_acl.rb +277 -0
data/lib/aws-sdk-s3/bucket_cors.rb +262 -0
data/lib/aws-sdk-s3/bucket_lifecycle.rb +264 -0
data/lib/aws-sdk-s3/bucket_lifecycle_configuration.rb +283 -0
data/lib/aws-sdk-s3/bucket_logging.rb +251 -0
data/lib/aws-sdk-s3/bucket_notification.rb +293 -0
data/lib/aws-sdk-s3/bucket_policy.rb +242 -0
data/lib/aws-sdk-s3/bucket_region_cache.rb +81 -0
data/lib/aws-sdk-s3/bucket_request_payment.rb +236 -0
data/lib/aws-sdk-s3/bucket_tagging.rb +251 -0
data/lib/aws-sdk-s3/bucket_versioning.rb +312 -0
data/lib/aws-sdk-s3/bucket_website.rb +292 -0
data/lib/aws-sdk-s3/client.rb +11818 -0
data/lib/aws-sdk-s3/client_api.rb +3014 -0
data/lib/aws-sdk-s3/customizations.rb +34 -0
data/lib/aws-sdk-s3/customizations/bucket.rb +162 -0
data/lib/aws-sdk-s3/customizations/multipart_upload.rb +44 -0
data/lib/aws-sdk-s3/customizations/object.rb +389 -0
data/lib/aws-sdk-s3/customizations/object_summary.rb +85 -0
data/lib/aws-sdk-s3/customizations/types/list_object_versions_output.rb +13 -0
data/lib/aws-sdk-s3/encryption.rb +21 -0
data/lib/aws-sdk-s3/encryption/client.rb +375 -0
data/lib/aws-sdk-s3/encryption/decrypt_handler.rb +190 -0
data/lib/aws-sdk-s3/encryption/default_cipher_provider.rb +65 -0
data/lib/aws-sdk-s3/encryption/default_key_provider.rb +40 -0
data/lib/aws-sdk-s3/encryption/encrypt_handler.rb +61 -0
data/lib/aws-sdk-s3/encryption/errors.rb +15 -0
data/lib/aws-sdk-s3/encryption/io_auth_decrypter.rb +58 -0
data/lib/aws-sdk-s3/encryption/io_decrypter.rb +36 -0
data/lib/aws-sdk-s3/encryption/io_encrypter.rb +71 -0
data/lib/aws-sdk-s3/encryption/key_provider.rb +31 -0
data/lib/aws-sdk-s3/encryption/kms_cipher_provider.rb +75 -0
data/lib/aws-sdk-s3/encryption/materials.rb +60 -0
data/lib/aws-sdk-s3/encryption/utils.rb +81 -0
data/lib/aws-sdk-s3/encryptionV2/client.rb +388 -0
data/lib/aws-sdk-s3/encryptionV2/decrypt_handler.rb +198 -0
data/lib/aws-sdk-s3/encryptionV2/default_cipher_provider.rb +103 -0
data/lib/aws-sdk-s3/encryptionV2/default_key_provider.rb +38 -0
data/lib/aws-sdk-s3/encryptionV2/encrypt_handler.rb +66 -0
data/lib/aws-sdk-s3/encryptionV2/errors.rb +13 -0
data/lib/aws-sdk-s3/encryptionV2/io_auth_decrypter.rb +56 -0
data/lib/aws-sdk-s3/encryptionV2/io_decrypter.rb +35 -0
data/lib/aws-sdk-s3/encryptionV2/io_encrypter.rb +71 -0
data/lib/aws-sdk-s3/encryptionV2/key_provider.rb +29 -0
data/lib/aws-sdk-s3/encryptionV2/kms_cipher_provider.rb +99 -0
data/lib/aws-sdk-s3/encryptionV2/materials.rb +58 -0
data/lib/aws-sdk-s3/encryptionV2/utils.rb +116 -0
data/lib/aws-sdk-s3/encryption_v2.rb +20 -0
data/lib/aws-sdk-s3/errors.rb +115 -0
data/lib/aws-sdk-s3/event_streams.rb +69 -0
data/lib/aws-sdk-s3/file_downloader.rb +142 -0
data/lib/aws-sdk-s3/file_part.rb +78 -0
data/lib/aws-sdk-s3/file_uploader.rb +70 -0
data/lib/aws-sdk-s3/legacy_signer.rb +189 -0
data/lib/aws-sdk-s3/multipart_file_uploader.rb +227 -0
data/lib/aws-sdk-s3/multipart_stream_uploader.rb +173 -0
data/lib/aws-sdk-s3/multipart_upload.rb +401 -0
data/lib/aws-sdk-s3/multipart_upload_error.rb +18 -0
data/lib/aws-sdk-s3/multipart_upload_part.rb +423 -0
data/lib/aws-sdk-s3/object.rb +1422 -0
data/lib/aws-sdk-s3/object_acl.rb +333 -0
data/lib/aws-sdk-s3/object_copier.rb +101 -0
data/lib/aws-sdk-s3/object_multipart_copier.rb +182 -0
data/lib/aws-sdk-s3/object_summary.rb +1181 -0
data/lib/aws-sdk-s3/object_version.rb +550 -0
data/lib/aws-sdk-s3/plugins/accelerate.rb +87 -0
data/lib/aws-sdk-s3/plugins/bucket_arn.rb +212 -0
data/lib/aws-sdk-s3/plugins/bucket_dns.rb +91 -0
data/lib/aws-sdk-s3/plugins/bucket_name_restrictions.rb +45 -0
data/lib/aws-sdk-s3/plugins/dualstack.rb +74 -0
data/lib/aws-sdk-s3/plugins/expect_100_continue.rb +28 -0
data/lib/aws-sdk-s3/plugins/get_bucket_location_fix.rb +25 -0
data/lib/aws-sdk-s3/plugins/http_200_errors.rb +55 -0
data/lib/aws-sdk-s3/plugins/iad_regional_endpoint.rb +62 -0
data/lib/aws-sdk-s3/plugins/location_constraint.rb +35 -0
data/lib/aws-sdk-s3/plugins/md5s.rb +84 -0
data/lib/aws-sdk-s3/plugins/redirects.rb +45 -0
data/lib/aws-sdk-s3/plugins/s3_host_id.rb +30 -0
data/lib/aws-sdk-s3/plugins/s3_signer.rb +222 -0
data/lib/aws-sdk-s3/plugins/sse_cpk.rb +70 -0
data/lib/aws-sdk-s3/plugins/streaming_retry.rb +118 -0
data/lib/aws-sdk-s3/plugins/url_encoded_keys.rb +97 -0
data/lib/aws-sdk-s3/presigned_post.rb +686 -0
data/lib/aws-sdk-s3/presigner.rb +253 -0
data/lib/aws-sdk-s3/resource.rb +117 -0
data/lib/aws-sdk-s3/types.rb +13154 -0
data/lib/aws-sdk-s3/waiters.rb +243 -0
metadata +184 -0

data/lib/aws-sdk-s3/plugins/accelerate.rb ADDED

@@ -0,0 +1,87 @@
+# frozen_string_literal: true
+module Aws
+  module S3
+    module Plugins
+      # Provides support for using `Aws::S3::Client` with Amazon S3 Transfer
+      # Acceleration.
+      #
+      # Go here for more information about transfer acceleration:
+      # [http://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html](http://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html)
+      class Accelerate < Seahorse::Client::Plugin
+        option(
+          :use_accelerate_endpoint,
+          default: false,
+          doc_type: 'Boolean',
+          docstring: <<-DOCS)
+When set to `true`, accelerated bucket endpoints will be used
+for all object operations. You must first enable accelerate for
+each bucket. [Go here for more information](http://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html).
+          DOCS
+        def add_handlers(handlers, config)
+          operations = config.api.operation_names - [
+            :create_bucket, :list_buckets, :delete_bucket
+          ]
+          # Need 2 handlers so that the context can be set for other plugins
+          # and to remove :use_accelerate_endpoint from the params.
+          handlers.add(
+            OptionHandler, step: :initialize, operations: operations
+          )
+          handlers.add(
+            AccelerateHandler, step: :build, priority: 0, operations: operations
+          )
+        end
+        # @api private
+        class OptionHandler < Seahorse::Client::Handler
+          def call(context)
+            # Support client configuration and per-operation configuration
+            if context.params.is_a?(Hash)
+              accelerate = context.params.delete(:use_accelerate_endpoint)
+            end
+            if accelerate.nil?
+              accelerate = context.config.use_accelerate_endpoint
+            end
+            context[:use_accelerate_endpoint] = accelerate
+            @handler.call(context)
+          end
+        end
+        # @api private
+        class AccelerateHandler < Seahorse::Client::Handler
+          def call(context)
+            if context[:use_accelerate_endpoint]
+              dualstack = !!context[:use_dualstack_endpoint]
+              use_accelerate_endpoint(context, dualstack)
+            end
+            @handler.call(context)
+          end
+          private
+          def use_accelerate_endpoint(context, dualstack)
+            bucket_name = context.params[:bucket]
+            validate_bucket_name!(bucket_name)
+            endpoint = URI.parse(context.http_request.endpoint.to_s)
+            endpoint.scheme = 'https'
+            endpoint.port = 443
+            endpoint.host = "#{bucket_name}.s3-accelerate"\
+                            "#{'.dualstack' if dualstack}.amazonaws.com"
+            context.http_request.endpoint = endpoint.to_s
+            # s3 accelerate endpoint doesn't work with 'expect' header
+            context.http_request.headers.delete('expect')
+          end
+          def validate_bucket_name!(bucket_name)
+            unless BucketDns.dns_compatible?(bucket_name, _ssl = true)
+              raise ArgumentError,
+                    'Unable to use `use_accelerate_endpoint: true` on buckets '\
+                    'with non-DNS compatible names.'
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/aws-sdk-s3/plugins/bucket_arn.rb ADDED

@@ -0,0 +1,212 @@
+# frozen_string_literal: true
+module Aws
+  module S3
+    module Plugins
+      # When an accesspoint ARN is provided for :bucket in S3 operations, this
+      # plugin resolves the request endpoint from the ARN when possible.
+      class BucketARN < Seahorse::Client::Plugin
+        option(
+          :s3_use_arn_region,
+          default: true,
+          doc_type: 'Boolean',
+          docstring: <<-DOCS) do |cfg|
+By default, the SDK will use the S3 ARN region, and cross-region
+requests could be made. Set to `false` to not use the region from
+the S3 ARN.
+          DOCS
+          resolve_s3_use_arn_region(cfg)
+        end
+        def add_handlers(handlers, _config)
+          handlers.add(Handler)
+        end
+        # @api private
+        class Handler < Seahorse::Client::Handler
+          def call(context)
+            bucket_member = _bucket_member(context.operation.input.shape)
+            if bucket_member && (bucket = context.params[bucket_member])
+              _resolved_bucket, _resolved_region, arn = BucketARN.resolve_arn!(
+                bucket,
+                context.config.region,
+                context.config.s3_use_arn_region
+              )
+              if arn
+                if arn.resource.start_with?('accesspoint')
+                  validate_config!(context.config)
+                end
+                dualstack = extract_dualstack_config!(context)
+                BucketARN.resolve_url!(
+                  context.http_request.endpoint,
+                  arn,
+                  dualstack
+                )
+              end
+            end
+            @handler.call(context)
+          end
+          private
+          def _bucket_member(input)
+            input.members.each do |member, ref|
+              return member if ref.shape.name == 'BucketName'
+            end
+            nil
+          end
+          # other plugins use dualstack so disable it when we're done
+          def extract_dualstack_config!(context)
+            dualstack = context[:use_dualstack_endpoint]
+            context[:use_dualstack_endpoint] = false if dualstack
+            dualstack
+          end
+          def validate_config!(config)
+            unless config.regional_endpoint
+              raise ArgumentError,
+                'Cannot provide both an accesspoint ARN and :endpoint.'
+            end
+            if config.use_accelerate_endpoint
+              raise ArgumentError,
+                'Cannot provide both an accesspoint ARN and setting '\
+                ':use_accelerate_endpoint to true.'
+            end
+            if config.force_path_style
+              raise ArgumentError,
+                'Cannot provide both an accesspoint ARN and setting '\
+                ':force_path_style to true.'
+            end
+          end
+        end
+        class << self
+          # @api private
+          def resolve_arn!(bucket_name, region, s3_use_arn_region)
+            if Aws::ARNParser.arn?(bucket_name)
+              arn = Aws::ARNParser.parse(bucket_name)
+              validate_s3_arn!(arn)
+              validate_region!(arn, region, s3_use_arn_region)
+              if arn.resource.start_with?('accesspoint')
+                region = arn.region if s3_use_arn_region
+                [bucket_name, region, arn]
+              else
+                raise ArgumentError,
+                  'Only accesspoint type ARNs are currently supported.'
+              end
+            else
+              [bucket_name, region]
+            end
+          end
+          # @api private
+          def resolve_url!(url, arn, dualstack = false)
+            if arn.resource.start_with?('accesspoint')
+              url.host = accesspoint_arn_host(arn, dualstack)
+            else
+              raise ArgumentError,
+                'Only accesspoint type ARNs are currently supported.'
+            end
+            url.path = url_path(url.path, arn)
+            url
+          end
+          private
+          def accesspoint_arn_host(arn, dualstack)
+            _resource_type, resource_name = parse_resource(arn.resource)
+            sfx = Aws::Partitions::EndpointProvider.dns_suffix_for(arn.region)
+            "#{resource_name}-#{arn.account_id}"\
+            '.s3-accesspoint'\
+            "#{'.dualstack' if dualstack}"\
+            ".#{arn.region}.#{sfx}"
+          end
+          def parse_resource(str)
+            slash = str.index('/') || str.length
+            colon = str.index(':') || str.length
+            delimiter = slash < colon ? slash : colon
+            if delimiter < str.length
+              [str[0..(delimiter - 1)], str[(delimiter + 1)..-1]]
+            else
+              [nil, str]
+            end
+          end
+          def resolve_s3_use_arn_region(cfg)
+            value = ENV['AWS_S3_USE_ARN_REGION'] ||
+                    Aws.shared_config.s3_use_arn_region(profile: cfg.profile) ||
+                    'true'
+            # Raise if provided value is not true or false
+            if value != 'true' && value != 'false'
+              raise ArgumentError,
+                'Must provide either `true` or `false` for '\
+                's3_use_arn_region profile option or for '\
+                'ENV[\'AWS_S3_USE_ARN_REGION\']'
+            end
+            value == 'true'
+          end
+          def url_path(path, arn)
+            path = path.sub("/#{Seahorse::Util.uri_escape(arn.to_s)}", '')
+                       .sub("/#{arn}", '')
+            "/#{path}" unless path.match(/^\//)
+            path
+          end
+          def validate_s3_arn!(arn)
+            _resource_type, resource_name = parse_resource(arn.resource)
+            unless arn.service == 's3'
+              raise ArgumentError, 'Must provide an S3 ARN.'
+            end
+            if arn.region.empty? || arn.account_id.empty?
+              raise ArgumentError,
+                'S3 Access Point ARNs must contain both a valid region '\
+                ' and a valid account id.'
+            end
+            if resource_name.include?(':') || resource_name.include?('/')
+              raise ArgumentError,
+                'ARN resource id must be a single value.'
+            end
+            unless Plugins::BucketDns.valid_subdomain?(
+              "#{resource_name}-#{arn.account_id}"
+            )
+              raise ArgumentError,
+                "#{resource_name}-#{arn.account_id} is not a "\
+                'valid subdomain.'
+            end
+          end
+          def validate_region!(arn, region, s3_use_arn_region)
+            if region.include?('fips')
+              raise ArgumentError,
+                'FIPS client regions are currently not supported with '\
+                'accesspoint ARNs.'
+            end
+            if s3_use_arn_region &&
+               !Aws::Partitions.partition(arn.partition).region?(region)
+              raise Aws::Errors::InvalidARNPartitionError
+            end
+            if !s3_use_arn_region && region != arn.region
+              raise Aws::Errors::InvalidARNRegionError
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/aws-sdk-s3/plugins/bucket_dns.rb ADDED

@@ -0,0 +1,91 @@
+# frozen_string_literal: true
+module Aws
+  module S3
+    module Plugins
+      # Amazon S3 requires DNS style addressing for buckets outside of
+      # the classic region when possible.
+      class BucketDns < Seahorse::Client::Plugin
+        # When set to `false` DNS compatible bucket names are moved from
+        # the request URI path to the host as a subdomain, unless the request
+        # is using SSL and the bucket name contains a dot.
+        #
+        # When set to `true`, the bucket name is always forced to be part
+        # of the request URI path.  This will not work with buckets outside
+        # the classic region.
+        option(:force_path_style,
+          default: false,
+          doc_type: 'Boolean',
+          docstring: <<-DOCS)
+When set to `true`, the bucket name is always left in the
+request URI and never moved to the host as a sub-domain.
+          DOCS
+        def add_handlers(handlers, config)
+          handlers.add(Handler) unless config.force_path_style
+        end
+        # @api private
+        class Handler < Seahorse::Client::Handler
+          def call(context)
+            move_dns_compat_bucket_to_subdomain(context)
+            @handler.call(context)
+          end
+          private
+          def move_dns_compat_bucket_to_subdomain(context)
+            bucket_name = context.params[:bucket]
+            endpoint = context.http_request.endpoint
+            if bucket_name &&
+               BucketDns.dns_compatible?(bucket_name, https?(endpoint)) &&
+               context.operation_name.to_s != 'get_bucket_location'
+              move_bucket_to_subdomain(bucket_name, endpoint)
+            end
+          end
+          def move_bucket_to_subdomain(bucket_name, endpoint)
+            endpoint.host = "#{bucket_name}.#{endpoint.host}"
+            path = endpoint.path.sub("/#{bucket_name}", '')
+            path = "/#{path}" unless path.match(/^\//)
+            endpoint.path = path
+          end
+          def https?(uri)
+            uri.scheme == 'https'
+          end
+        end
+        class << self
+          # @param [String] bucket_name
+          # @param [Boolean] ssl
+          # @return [Boolean]
+          def dns_compatible?(bucket_name, ssl)
+            if valid_subdomain?(bucket_name)
+              bucket_name.match(/\./) && ssl ? false : true
+            else
+              false
+            end
+          end
+          # Checks for a valid RFC-3986 host name
+          # @see https://tools.ietf.org/html/rfc3986#section-3.2.2
+          # @param [String] bucket_name
+          # @return [Boolean]
+          def valid_subdomain?(bucket_name)
+            bucket_name.size < 64 &&
+            bucket_name =~ /^[a-z0-9][a-z0-9.-]+[a-z0-9]$/ &&
+            bucket_name !~ /(\d+\.){3}\d+/ &&
+            bucket_name !~ /[.-]{2}/
+          end
+        end
+      end
+    end
+  end
+end

data/lib/aws-sdk-s3/plugins/bucket_name_restrictions.rb ADDED

@@ -0,0 +1,45 @@
+# frozen_string_literal: true
+module Aws
+  module S3
+    module Plugins
+      # @api private
+      class BucketNameRestrictions < Seahorse::Client::Plugin
+        class Handler < Seahorse::Client::Handler
+          # Useful because Aws::S3::Errors::SignatureDoesNotMatch is thrown
+          # when passed a bucket with a forward slash. Instead provide a more
+          # helpful error. Ideally should not be a plugin?
+          def call(context)
+            bucket_member = _bucket_member(context.operation.input.shape)
+            if bucket_member && (bucket = context.params[bucket_member])
+              _resolved_bucket, _resolved_region, arn = BucketARN.resolve_arn!(
+                bucket,
+                context.config.region,
+                context.config.s3_use_arn_region
+              )
+              if !arn && bucket.include?('/')
+                raise ArgumentError,
+                      'bucket name must not contain a forward-slash (/)'
+              end
+            end
+            @handler.call(context)
+          end
+          private
+          def _bucket_member(input)
+            input.members.each do |member, ref|
+              return member if ref.shape.name == 'BucketName'
+            end
+            nil
+          end
+        end
+        handler(Handler)
+      end
+    end
+  end
+end

data/lib/aws-sdk-s3/plugins/dualstack.rb ADDED

@@ -0,0 +1,74 @@
+# frozen_string_literal: true
+module Aws
+  module S3
+    module Plugins
+      # @api private
+      class Dualstack < Seahorse::Client::Plugin
+        option(:use_dualstack_endpoint,
+          default: false,
+          doc_type: 'Boolean',
+          docstring: <<-DOCS)
+When set to `true`, IPv6-compatible bucket endpoints will be used
+for all operations.
+          DOCS
+        def add_handlers(handlers, config)
+          handlers.add(OptionHandler, step: :initialize)
+          handlers.add(DualstackHandler, step: :build, priority: 0)
+        end
+        # @api private
+        class OptionHandler < Seahorse::Client::Handler
+          def call(context)
+            if context.params.is_a?(Hash)
+              dualstack = context.params.delete(:use_dualstack_endpoint)
+            end
+            dualstack = context.config.use_dualstack_endpoint if dualstack.nil?
+            context[:use_dualstack_endpoint] = dualstack
+            @handler.call(context)
+          end
+        end
+        # @api private
+        class DualstackHandler < Seahorse::Client::Handler
+          def call(context)
+            apply_dualstack_endpoint(context) if use_dualstack_endpoint?(context)
+            @handler.call(context)
+          end
+          private
+          def apply_dualstack_endpoint(context)
+            bucket_name = context.params[:bucket]
+            region = context.config.region
+            context.config.force_path_style
+            dns_suffix = Aws::Partitions::EndpointProvider.dns_suffix_for(region)
+            if use_bucket_dns?(bucket_name, context)
+              host = "#{bucket_name}.s3.dualstack.#{region}.#{dns_suffix}"
+            else
+              host = "s3.dualstack.#{region}.#{dns_suffix}"
+            end
+            endpoint = URI.parse(context.http_request.endpoint.to_s)
+            endpoint.scheme = context.http_request.endpoint.scheme
+            endpoint.port = context.http_request.endpoint.port
+            endpoint.host = host
+            context.http_request.endpoint = endpoint.to_s
+          end
+          def use_bucket_dns?(bucket_name, context)
+            ssl = context.http_request.endpoint.scheme == "https"
+            bucket_name && BucketDns.dns_compatible?(bucket_name, ssl) &&
+              !context.config.force_path_style
+          end
+          def use_dualstack_endpoint?(context)
+            context[:use_dualstack_endpoint] && !context[:use_accelerate_endpoint]
+          end
+        end
+      end
+    end
+  end
+end