aws-sdk-s3 1.92.0 → 1.114.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +167 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-s3/arn/access_point_arn.rb +12 -9
- data/lib/aws-sdk-s3/arn/multi_region_access_point_arn.rb +68 -0
- data/lib/aws-sdk-s3/arn/object_lambda_arn.rb +12 -9
- data/lib/aws-sdk-s3/arn/outpost_access_point_arn.rb +8 -9
- data/lib/aws-sdk-s3/bucket.rb +134 -36
- data/lib/aws-sdk-s3/bucket_acl.rb +25 -6
- data/lib/aws-sdk-s3/bucket_cors.rb +23 -6
- data/lib/aws-sdk-s3/bucket_lifecycle.rb +27 -8
- data/lib/aws-sdk-s3/bucket_lifecycle_configuration.rb +28 -6
- data/lib/aws-sdk-s3/bucket_logging.rb +22 -6
- data/lib/aws-sdk-s3/bucket_notification.rb +19 -7
- data/lib/aws-sdk-s3/bucket_policy.rb +23 -6
- data/lib/aws-sdk-s3/bucket_request_payment.rb +21 -4
- data/lib/aws-sdk-s3/bucket_tagging.rb +23 -6
- data/lib/aws-sdk-s3/bucket_versioning.rb +63 -12
- data/lib/aws-sdk-s3/bucket_website.rb +23 -6
- data/lib/aws-sdk-s3/client.rb +2902 -1449
- data/lib/aws-sdk-s3/client_api.rb +390 -21
- data/lib/aws-sdk-s3/customizations/object.rb +107 -15
- data/lib/aws-sdk-s3/encryption/client.rb +1 -1
- data/lib/aws-sdk-s3/encryption/decrypt_handler.rb +0 -4
- data/lib/aws-sdk-s3/encryptionV2/client.rb +1 -1
- data/lib/aws-sdk-s3/encryptionV2/decrypt_handler.rb +0 -4
- data/lib/aws-sdk-s3/encryptionV2/encrypt_handler.rb +0 -4
- data/lib/aws-sdk-s3/file_downloader.rb +7 -2
- data/lib/aws-sdk-s3/file_uploader.rb +8 -3
- data/lib/aws-sdk-s3/multipart_file_uploader.rb +26 -7
- data/lib/aws-sdk-s3/multipart_upload.rb +129 -15
- data/lib/aws-sdk-s3/multipart_upload_part.rb +136 -16
- data/lib/aws-sdk-s3/object.rb +369 -108
- data/lib/aws-sdk-s3/object_acl.rb +28 -9
- data/lib/aws-sdk-s3/object_summary.rb +221 -93
- data/lib/aws-sdk-s3/object_version.rb +70 -43
- data/lib/aws-sdk-s3/plugins/accelerate.rb +7 -1
- data/lib/aws-sdk-s3/plugins/arn.rb +72 -30
- data/lib/aws-sdk-s3/plugins/bucket_dns.rb +1 -1
- data/lib/aws-sdk-s3/plugins/dualstack.rb +25 -31
- data/lib/aws-sdk-s3/plugins/get_bucket_location_fix.rb +1 -1
- data/lib/aws-sdk-s3/plugins/iad_regional_endpoint.rb +6 -0
- data/lib/aws-sdk-s3/plugins/md5s.rb +5 -3
- data/lib/aws-sdk-s3/plugins/s3_signer.rb +35 -6
- data/lib/aws-sdk-s3/plugins/skip_whole_multipart_get_checksums.rb +31 -0
- data/lib/aws-sdk-s3/plugins/streaming_retry.rb +23 -2
- data/lib/aws-sdk-s3/presigned_post.rb +38 -19
- data/lib/aws-sdk-s3/presigner.rb +18 -3
- data/lib/aws-sdk-s3/resource.rb +22 -2
- data/lib/aws-sdk-s3/types.rb +3041 -1015
- data/lib/aws-sdk-s3.rb +1 -1
- metadata +12 -11
@@ -36,6 +36,17 @@ module Aws
|
|
36
36
|
def rewind; end
|
37
37
|
end
|
38
38
|
|
39
|
+
class NonRetryableStreamingError < StandardError
|
40
|
+
|
41
|
+
def initialize(error)
|
42
|
+
super('Unable to retry request - retry could result in processing duplicated chunks.')
|
43
|
+
set_backtrace(error.backtrace)
|
44
|
+
@original_error = error
|
45
|
+
end
|
46
|
+
|
47
|
+
attr_reader :original_error
|
48
|
+
end
|
49
|
+
|
39
50
|
# This handler works with the ResponseTarget plugin to provide smart
|
40
51
|
# retries of S3 streaming operations that support the range parameter
|
41
52
|
# (currently only: get_object). When a 200 OK with a TruncatedBodyError
|
@@ -84,8 +95,18 @@ module Aws
|
|
84
95
|
end
|
85
96
|
|
86
97
|
context.http_response.on_error do |error|
|
87
|
-
if retryable_body?(context)
|
88
|
-
|
98
|
+
if retryable_body?(context)
|
99
|
+
if truncated_body?(error)
|
100
|
+
context.http_request.headers[:range] = "bytes=#{context.http_response.body.size}-"
|
101
|
+
else
|
102
|
+
case context.http_response.body
|
103
|
+
when RetryableManagedFile
|
104
|
+
# call rewind on the underlying file
|
105
|
+
context.http_response.body.instance_variable_get(:@file).rewind
|
106
|
+
else
|
107
|
+
raise NonRetryableStreamingError, error
|
108
|
+
end
|
109
|
+
end
|
89
110
|
end
|
90
111
|
end
|
91
112
|
end
|
@@ -98,7 +98,7 @@ module Aws
|
|
98
98
|
# or call the associated method.
|
99
99
|
#
|
100
100
|
# ```ruby
|
101
|
-
# post = Aws::S3::PresignedPost.new(creds, region, bucket)
|
101
|
+
# post = Aws::S3::PresignedPost.new(creds, region, bucket)
|
102
102
|
# post.content_type('text/plain')
|
103
103
|
# ```
|
104
104
|
#
|
@@ -176,11 +176,17 @@ module Aws
|
|
176
176
|
# ```
|
177
177
|
#
|
178
178
|
class PresignedPost
|
179
|
+
@@allowed_fields = []
|
179
180
|
|
180
181
|
# @param [Credentials] credentials Security credentials for signing
|
181
182
|
# the post policy.
|
182
183
|
# @param [String] bucket_region Region of the target bucket.
|
183
184
|
# @param [String] bucket_name Name of the target bucket.
|
185
|
+
# @option options [Boolean] :use_accelerate_endpoint (false) When `true`,
|
186
|
+
# PresignedPost will attempt to use accelerated endpoint.
|
187
|
+
# @option options [String] :url See {PresignedPost#url}.
|
188
|
+
# @option options [Sting, Array<String>] :allow_any
|
189
|
+
# See {PresignedPost#allow_any}.
|
184
190
|
# @option options [Time] :signature_expiration Specify when the signature on
|
185
191
|
# the post will expire. Defaults to one hour from creation of the
|
186
192
|
# presigned post. May not exceed one week from creation time.
|
@@ -205,7 +211,7 @@ module Aws
|
|
205
211
|
# See {PresignedPost#content_encoding}.
|
206
212
|
# @option options [String] :content_encoding_starts_with
|
207
213
|
# See {PresignedPost#content_encoding_starts_with}.
|
208
|
-
# @option options [
|
214
|
+
# @option options [Time] :expires See {PresignedPost#expires}.
|
209
215
|
# @option options [String] :expires_starts_with
|
210
216
|
# See {PresignedPost#expires_starts_with}.
|
211
217
|
# @option options [Range<Integer>] :content_length_range
|
@@ -232,6 +238,8 @@ module Aws
|
|
232
238
|
# See {PresignedPost#server_side_encryption_customer_algorithm}.
|
233
239
|
# @option options [String] :server_side_encryption_customer_key
|
234
240
|
# See {PresignedPost#server_side_encryption_customer_key}.
|
241
|
+
# @option options [String] :server_side_encryption_customer_key_starts_with
|
242
|
+
# See {PresignedPost#server_side_encryption_customer_key_starts_with}.
|
235
243
|
def initialize(credentials, bucket_region, bucket_name, options = {})
|
236
244
|
@credentials = credentials.credentials
|
237
245
|
@bucket_region = bucket_region
|
@@ -247,7 +255,12 @@ module Aws
|
|
247
255
|
case option_name
|
248
256
|
when :allow_any then allow_any(option_value)
|
249
257
|
when :signature_expiration then @signature_expiration = option_value
|
250
|
-
else
|
258
|
+
else
|
259
|
+
if @@allowed_fields.include?(option_name)
|
260
|
+
send("#{option_name}", option_value)
|
261
|
+
else
|
262
|
+
raise ArgumentError, "Unsupported option: #{option_name}"
|
263
|
+
end
|
251
264
|
end
|
252
265
|
end
|
253
266
|
end
|
@@ -279,17 +292,23 @@ module Aws
|
|
279
292
|
end
|
280
293
|
|
281
294
|
# @api private
|
282
|
-
def self.define_field(field, *args)
|
295
|
+
def self.define_field(field, *args, &block)
|
296
|
+
@@allowed_fields << field
|
283
297
|
options = args.last.is_a?(Hash) ? args.pop : {}
|
284
298
|
field_name = args.last || field.to_s
|
285
299
|
|
286
|
-
|
287
|
-
|
288
|
-
|
300
|
+
if block_given?
|
301
|
+
define_method("#{field}", block)
|
302
|
+
else
|
303
|
+
define_method("#{field}") do |value|
|
304
|
+
with(field_name, value)
|
305
|
+
end
|
289
306
|
|
290
|
-
|
291
|
-
|
292
|
-
|
307
|
+
if options[:starts_with]
|
308
|
+
@@allowed_fields << "#{field}_starts_with".to_sym
|
309
|
+
define_method("#{field}_starts_with") do |value|
|
310
|
+
starts_with(field_name, value)
|
311
|
+
end
|
293
312
|
end
|
294
313
|
end
|
295
314
|
end
|
@@ -307,7 +326,7 @@ module Aws
|
|
307
326
|
# @param [String] key
|
308
327
|
# @see http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html)
|
309
328
|
# @return [self]
|
310
|
-
|
329
|
+
define_field(:key) do |key|
|
311
330
|
@key_set = true
|
312
331
|
with('key', key)
|
313
332
|
end
|
@@ -316,7 +335,7 @@ module Aws
|
|
316
335
|
# @param [String] prefix
|
317
336
|
# @see #key
|
318
337
|
# @return [self]
|
319
|
-
|
338
|
+
define_field(:key_starts_with) do |prefix|
|
320
339
|
@key_set = true
|
321
340
|
starts_with('key', prefix)
|
322
341
|
end
|
@@ -399,21 +418,21 @@ module Aws
|
|
399
418
|
# @param [Time] time
|
400
419
|
# @see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.21
|
401
420
|
# @return [self]
|
402
|
-
|
421
|
+
define_field(:expires) do |time|
|
403
422
|
with('Expires', time.httpdate)
|
404
423
|
end
|
405
424
|
|
406
425
|
# @param [String] prefix
|
407
426
|
# @see #expires
|
408
427
|
# @return [self]
|
409
|
-
|
428
|
+
define_field(:expires_starts_with) do |prefix|
|
410
429
|
starts_with('Expires', prefix)
|
411
430
|
end
|
412
431
|
|
413
432
|
# The minimum and maximum allowable size for the uploaded content.
|
414
433
|
# @param [Range<Integer>] byte_range
|
415
434
|
# @return [self]
|
416
|
-
|
435
|
+
define_field(:content_length_range) do |byte_range|
|
417
436
|
min = byte_range.begin
|
418
437
|
max = byte_range.end
|
419
438
|
max -= 1 if byte_range.exclude_end?
|
@@ -492,7 +511,7 @@ module Aws
|
|
492
511
|
# prefixed with "x-amz-meta-".
|
493
512
|
# @param [Hash<String,String>] hash
|
494
513
|
# @return [self]
|
495
|
-
|
514
|
+
define_field(:metadata) do |hash|
|
496
515
|
hash.each do |key, value|
|
497
516
|
with("x-amz-meta-#{key}", value)
|
498
517
|
end
|
@@ -503,7 +522,7 @@ module Aws
|
|
503
522
|
# @param [Hash<String,String>] hash
|
504
523
|
# @see #metadata
|
505
524
|
# @return [self]
|
506
|
-
|
525
|
+
define_field(:metadata_starts_with) do |hash|
|
507
526
|
hash.each do |key, value|
|
508
527
|
starts_with("x-amz-meta-#{key}", value)
|
509
528
|
end
|
@@ -561,7 +580,7 @@ module Aws
|
|
561
580
|
# @param [String] value
|
562
581
|
# @see #server_side_encryption_customer_algorithm
|
563
582
|
# @return [self]
|
564
|
-
|
583
|
+
define_field(:server_side_encryption_customer_key) do |value|
|
565
584
|
field_name = 'x-amz-server-side-encryption-customer-key'
|
566
585
|
with(field_name, base64(value))
|
567
586
|
with(field_name + '-MD5', base64(OpenSSL::Digest::MD5.digest(value)))
|
@@ -570,7 +589,7 @@ module Aws
|
|
570
589
|
# @param [String] prefix
|
571
590
|
# @see #server_side_encryption_customer_key
|
572
591
|
# @return [self]
|
573
|
-
|
592
|
+
define_field(:server_side_encryption_customer_key_starts_with) do |prefix|
|
574
593
|
field_name = 'x-amz-server-side-encryption-customer-key'
|
575
594
|
starts_with(field_name, prefix)
|
576
595
|
end
|
data/lib/aws-sdk-s3/presigner.rb
CHANGED
@@ -138,6 +138,7 @@ module Aws
|
|
138
138
|
|
139
139
|
req = @client.build_request(method, params)
|
140
140
|
use_bucket_as_hostname(req) if virtual_host
|
141
|
+
handle_presigned_url_context(req)
|
141
142
|
|
142
143
|
x_amz_headers = sign_but_dont_send(
|
143
144
|
req, expires_in, scheme, time, unsigned_headers, hoist
|
@@ -183,6 +184,17 @@ module Aws
|
|
183
184
|
end
|
184
185
|
end
|
185
186
|
|
187
|
+
# Used for excluding presigned_urls from API request count.
|
188
|
+
#
|
189
|
+
# Store context information as early as possible, to allow
|
190
|
+
# handlers to perform decisions based on this flag if need.
|
191
|
+
def handle_presigned_url_context(req)
|
192
|
+
req.handle(step: :initialize, priority: 98) do |context|
|
193
|
+
context[:presigned_url] = true
|
194
|
+
@handler.call(context)
|
195
|
+
end
|
196
|
+
end
|
197
|
+
|
186
198
|
# @param [Seahorse::Client::Request] req
|
187
199
|
def sign_but_dont_send(
|
188
200
|
req, expires_in, scheme, time, unsigned_headers, hoist = true
|
@@ -219,17 +231,23 @@ module Aws
|
|
219
231
|
end
|
220
232
|
http_req.endpoint.query = query.join('&') unless query.empty?
|
221
233
|
|
234
|
+
signing_algorithm = :sigv4
|
235
|
+
|
222
236
|
# If it's an ARN, get the resolved region and service
|
223
237
|
if (arn = context.metadata[:s3_arn])
|
224
238
|
region = arn[:resolved_region]
|
225
239
|
service = arn[:arn].service
|
240
|
+
region = arn[:arn].is_a?(MultiRegionAccessPointARN) ? '*': arn[:resolved_region]
|
241
|
+
signing_algorithm = arn[:arn].is_a?(MultiRegionAccessPointARN) ? :sigv4a : :sigv4
|
226
242
|
end
|
227
243
|
|
228
244
|
signer = Aws::Sigv4::Signer.new(
|
229
245
|
service: service || 's3',
|
230
246
|
region: region || context.config.region,
|
247
|
+
signing_algorithm: signing_algorithm,
|
231
248
|
credentials_provider: context.config.credentials,
|
232
249
|
unsigned_headers: unsigned_headers,
|
250
|
+
apply_checksum_header: false,
|
233
251
|
uri_escape_path: false
|
234
252
|
)
|
235
253
|
|
@@ -242,9 +260,6 @@ module Aws
|
|
242
260
|
time: time
|
243
261
|
).to_s
|
244
262
|
|
245
|
-
# Used for excluding presigned_urls from API request count
|
246
|
-
context[:presigned_url] = true
|
247
|
-
|
248
263
|
Seahorse::Client::Response.new(context: context, data: url)
|
249
264
|
end
|
250
265
|
# Return the headers
|
data/lib/aws-sdk-s3/resource.rb
CHANGED
@@ -49,6 +49,7 @@ module Aws::S3
|
|
49
49
|
# grant_write: "GrantWrite",
|
50
50
|
# grant_write_acp: "GrantWriteACP",
|
51
51
|
# object_lock_enabled_for_bucket: false,
|
52
|
+
# object_ownership: "BucketOwnerPreferred", # accepts BucketOwnerPreferred, ObjectWriter, BucketOwnerEnforced
|
52
53
|
# })
|
53
54
|
# @param [Hash] options ({})
|
54
55
|
# @option options [String] :acl
|
@@ -65,13 +66,32 @@ module Aws::S3
|
|
65
66
|
# @option options [String] :grant_read_acp
|
66
67
|
# Allows grantee to read the bucket ACL.
|
67
68
|
# @option options [String] :grant_write
|
68
|
-
# Allows grantee to create
|
69
|
-
#
|
69
|
+
# Allows grantee to create new objects in the bucket.
|
70
|
+
#
|
71
|
+
# For the bucket and object owners of existing objects, also allows
|
72
|
+
# deletions and overwrites of those objects.
|
70
73
|
# @option options [String] :grant_write_acp
|
71
74
|
# Allows grantee to write the ACL for the applicable bucket.
|
72
75
|
# @option options [Boolean] :object_lock_enabled_for_bucket
|
73
76
|
# Specifies whether you want S3 Object Lock to be enabled for the new
|
74
77
|
# bucket.
|
78
|
+
# @option options [String] :object_ownership
|
79
|
+
# The container element for object ownership for a bucket's ownership
|
80
|
+
# controls.
|
81
|
+
#
|
82
|
+
# BucketOwnerPreferred - Objects uploaded to the bucket change ownership
|
83
|
+
# to the bucket owner if the objects are uploaded with the
|
84
|
+
# `bucket-owner-full-control` canned ACL.
|
85
|
+
#
|
86
|
+
# ObjectWriter - The uploading account will own the object if the object
|
87
|
+
# is uploaded with the `bucket-owner-full-control` canned ACL.
|
88
|
+
#
|
89
|
+
# BucketOwnerEnforced - Access control lists (ACLs) are disabled and no
|
90
|
+
# longer affect permissions. The bucket owner automatically owns and has
|
91
|
+
# full control over every object in the bucket. The bucket only accepts
|
92
|
+
# PUT requests that don't specify an ACL or bucket owner full control
|
93
|
+
# ACLs, such as the `bucket-owner-full-control` canned ACL or an
|
94
|
+
# equivalent form of this ACL expressed in the XML format.
|
75
95
|
# @return [Bucket]
|
76
96
|
def create_bucket(options = {})
|
77
97
|
@client.create_bucket(options)
|