aws-sdk-s3 1.92.0 → 1.114.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +167 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-s3/arn/access_point_arn.rb +12 -9
- data/lib/aws-sdk-s3/arn/multi_region_access_point_arn.rb +68 -0
- data/lib/aws-sdk-s3/arn/object_lambda_arn.rb +12 -9
- data/lib/aws-sdk-s3/arn/outpost_access_point_arn.rb +8 -9
- data/lib/aws-sdk-s3/bucket.rb +134 -36
- data/lib/aws-sdk-s3/bucket_acl.rb +25 -6
- data/lib/aws-sdk-s3/bucket_cors.rb +23 -6
- data/lib/aws-sdk-s3/bucket_lifecycle.rb +27 -8
- data/lib/aws-sdk-s3/bucket_lifecycle_configuration.rb +28 -6
- data/lib/aws-sdk-s3/bucket_logging.rb +22 -6
- data/lib/aws-sdk-s3/bucket_notification.rb +19 -7
- data/lib/aws-sdk-s3/bucket_policy.rb +23 -6
- data/lib/aws-sdk-s3/bucket_request_payment.rb +21 -4
- data/lib/aws-sdk-s3/bucket_tagging.rb +23 -6
- data/lib/aws-sdk-s3/bucket_versioning.rb +63 -12
- data/lib/aws-sdk-s3/bucket_website.rb +23 -6
- data/lib/aws-sdk-s3/client.rb +2902 -1449
- data/lib/aws-sdk-s3/client_api.rb +390 -21
- data/lib/aws-sdk-s3/customizations/object.rb +107 -15
- data/lib/aws-sdk-s3/encryption/client.rb +1 -1
- data/lib/aws-sdk-s3/encryption/decrypt_handler.rb +0 -4
- data/lib/aws-sdk-s3/encryptionV2/client.rb +1 -1
- data/lib/aws-sdk-s3/encryptionV2/decrypt_handler.rb +0 -4
- data/lib/aws-sdk-s3/encryptionV2/encrypt_handler.rb +0 -4
- data/lib/aws-sdk-s3/file_downloader.rb +7 -2
- data/lib/aws-sdk-s3/file_uploader.rb +8 -3
- data/lib/aws-sdk-s3/multipart_file_uploader.rb +26 -7
- data/lib/aws-sdk-s3/multipart_upload.rb +129 -15
- data/lib/aws-sdk-s3/multipart_upload_part.rb +136 -16
- data/lib/aws-sdk-s3/object.rb +369 -108
- data/lib/aws-sdk-s3/object_acl.rb +28 -9
- data/lib/aws-sdk-s3/object_summary.rb +221 -93
- data/lib/aws-sdk-s3/object_version.rb +70 -43
- data/lib/aws-sdk-s3/plugins/accelerate.rb +7 -1
- data/lib/aws-sdk-s3/plugins/arn.rb +72 -30
- data/lib/aws-sdk-s3/plugins/bucket_dns.rb +1 -1
- data/lib/aws-sdk-s3/plugins/dualstack.rb +25 -31
- data/lib/aws-sdk-s3/plugins/get_bucket_location_fix.rb +1 -1
- data/lib/aws-sdk-s3/plugins/iad_regional_endpoint.rb +6 -0
- data/lib/aws-sdk-s3/plugins/md5s.rb +5 -3
- data/lib/aws-sdk-s3/plugins/s3_signer.rb +35 -6
- data/lib/aws-sdk-s3/plugins/skip_whole_multipart_get_checksums.rb +31 -0
- data/lib/aws-sdk-s3/plugins/streaming_retry.rb +23 -2
- data/lib/aws-sdk-s3/presigned_post.rb +38 -19
- data/lib/aws-sdk-s3/presigner.rb +18 -3
- data/lib/aws-sdk-s3/resource.rb +22 -2
- data/lib/aws-sdk-s3/types.rb +3041 -1015
- data/lib/aws-sdk-s3.rb +1 -1
- metadata +12 -11
|
@@ -36,6 +36,17 @@ module Aws
|
|
|
36
36
|
def rewind; end
|
|
37
37
|
end
|
|
38
38
|
|
|
39
|
+
class NonRetryableStreamingError < StandardError
|
|
40
|
+
|
|
41
|
+
def initialize(error)
|
|
42
|
+
super('Unable to retry request - retry could result in processing duplicated chunks.')
|
|
43
|
+
set_backtrace(error.backtrace)
|
|
44
|
+
@original_error = error
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
attr_reader :original_error
|
|
48
|
+
end
|
|
49
|
+
|
|
39
50
|
# This handler works with the ResponseTarget plugin to provide smart
|
|
40
51
|
# retries of S3 streaming operations that support the range parameter
|
|
41
52
|
# (currently only: get_object). When a 200 OK with a TruncatedBodyError
|
|
@@ -84,8 +95,18 @@ module Aws
|
|
|
84
95
|
end
|
|
85
96
|
|
|
86
97
|
context.http_response.on_error do |error|
|
|
87
|
-
if retryable_body?(context)
|
|
88
|
-
|
|
98
|
+
if retryable_body?(context)
|
|
99
|
+
if truncated_body?(error)
|
|
100
|
+
context.http_request.headers[:range] = "bytes=#{context.http_response.body.size}-"
|
|
101
|
+
else
|
|
102
|
+
case context.http_response.body
|
|
103
|
+
when RetryableManagedFile
|
|
104
|
+
# call rewind on the underlying file
|
|
105
|
+
context.http_response.body.instance_variable_get(:@file).rewind
|
|
106
|
+
else
|
|
107
|
+
raise NonRetryableStreamingError, error
|
|
108
|
+
end
|
|
109
|
+
end
|
|
89
110
|
end
|
|
90
111
|
end
|
|
91
112
|
end
|
|
@@ -98,7 +98,7 @@ module Aws
|
|
|
98
98
|
# or call the associated method.
|
|
99
99
|
#
|
|
100
100
|
# ```ruby
|
|
101
|
-
# post = Aws::S3::PresignedPost.new(creds, region, bucket)
|
|
101
|
+
# post = Aws::S3::PresignedPost.new(creds, region, bucket)
|
|
102
102
|
# post.content_type('text/plain')
|
|
103
103
|
# ```
|
|
104
104
|
#
|
|
@@ -176,11 +176,17 @@ module Aws
|
|
|
176
176
|
# ```
|
|
177
177
|
#
|
|
178
178
|
class PresignedPost
|
|
179
|
+
@@allowed_fields = []
|
|
179
180
|
|
|
180
181
|
# @param [Credentials] credentials Security credentials for signing
|
|
181
182
|
# the post policy.
|
|
182
183
|
# @param [String] bucket_region Region of the target bucket.
|
|
183
184
|
# @param [String] bucket_name Name of the target bucket.
|
|
185
|
+
# @option options [Boolean] :use_accelerate_endpoint (false) When `true`,
|
|
186
|
+
# PresignedPost will attempt to use accelerated endpoint.
|
|
187
|
+
# @option options [String] :url See {PresignedPost#url}.
|
|
188
|
+
# @option options [Sting, Array<String>] :allow_any
|
|
189
|
+
# See {PresignedPost#allow_any}.
|
|
184
190
|
# @option options [Time] :signature_expiration Specify when the signature on
|
|
185
191
|
# the post will expire. Defaults to one hour from creation of the
|
|
186
192
|
# presigned post. May not exceed one week from creation time.
|
|
@@ -205,7 +211,7 @@ module Aws
|
|
|
205
211
|
# See {PresignedPost#content_encoding}.
|
|
206
212
|
# @option options [String] :content_encoding_starts_with
|
|
207
213
|
# See {PresignedPost#content_encoding_starts_with}.
|
|
208
|
-
# @option options [
|
|
214
|
+
# @option options [Time] :expires See {PresignedPost#expires}.
|
|
209
215
|
# @option options [String] :expires_starts_with
|
|
210
216
|
# See {PresignedPost#expires_starts_with}.
|
|
211
217
|
# @option options [Range<Integer>] :content_length_range
|
|
@@ -232,6 +238,8 @@ module Aws
|
|
|
232
238
|
# See {PresignedPost#server_side_encryption_customer_algorithm}.
|
|
233
239
|
# @option options [String] :server_side_encryption_customer_key
|
|
234
240
|
# See {PresignedPost#server_side_encryption_customer_key}.
|
|
241
|
+
# @option options [String] :server_side_encryption_customer_key_starts_with
|
|
242
|
+
# See {PresignedPost#server_side_encryption_customer_key_starts_with}.
|
|
235
243
|
def initialize(credentials, bucket_region, bucket_name, options = {})
|
|
236
244
|
@credentials = credentials.credentials
|
|
237
245
|
@bucket_region = bucket_region
|
|
@@ -247,7 +255,12 @@ module Aws
|
|
|
247
255
|
case option_name
|
|
248
256
|
when :allow_any then allow_any(option_value)
|
|
249
257
|
when :signature_expiration then @signature_expiration = option_value
|
|
250
|
-
else
|
|
258
|
+
else
|
|
259
|
+
if @@allowed_fields.include?(option_name)
|
|
260
|
+
send("#{option_name}", option_value)
|
|
261
|
+
else
|
|
262
|
+
raise ArgumentError, "Unsupported option: #{option_name}"
|
|
263
|
+
end
|
|
251
264
|
end
|
|
252
265
|
end
|
|
253
266
|
end
|
|
@@ -279,17 +292,23 @@ module Aws
|
|
|
279
292
|
end
|
|
280
293
|
|
|
281
294
|
# @api private
|
|
282
|
-
def self.define_field(field, *args)
|
|
295
|
+
def self.define_field(field, *args, &block)
|
|
296
|
+
@@allowed_fields << field
|
|
283
297
|
options = args.last.is_a?(Hash) ? args.pop : {}
|
|
284
298
|
field_name = args.last || field.to_s
|
|
285
299
|
|
|
286
|
-
|
|
287
|
-
|
|
288
|
-
|
|
300
|
+
if block_given?
|
|
301
|
+
define_method("#{field}", block)
|
|
302
|
+
else
|
|
303
|
+
define_method("#{field}") do |value|
|
|
304
|
+
with(field_name, value)
|
|
305
|
+
end
|
|
289
306
|
|
|
290
|
-
|
|
291
|
-
|
|
292
|
-
|
|
307
|
+
if options[:starts_with]
|
|
308
|
+
@@allowed_fields << "#{field}_starts_with".to_sym
|
|
309
|
+
define_method("#{field}_starts_with") do |value|
|
|
310
|
+
starts_with(field_name, value)
|
|
311
|
+
end
|
|
293
312
|
end
|
|
294
313
|
end
|
|
295
314
|
end
|
|
@@ -307,7 +326,7 @@ module Aws
|
|
|
307
326
|
# @param [String] key
|
|
308
327
|
# @see http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html)
|
|
309
328
|
# @return [self]
|
|
310
|
-
|
|
329
|
+
define_field(:key) do |key|
|
|
311
330
|
@key_set = true
|
|
312
331
|
with('key', key)
|
|
313
332
|
end
|
|
@@ -316,7 +335,7 @@ module Aws
|
|
|
316
335
|
# @param [String] prefix
|
|
317
336
|
# @see #key
|
|
318
337
|
# @return [self]
|
|
319
|
-
|
|
338
|
+
define_field(:key_starts_with) do |prefix|
|
|
320
339
|
@key_set = true
|
|
321
340
|
starts_with('key', prefix)
|
|
322
341
|
end
|
|
@@ -399,21 +418,21 @@ module Aws
|
|
|
399
418
|
# @param [Time] time
|
|
400
419
|
# @see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.21
|
|
401
420
|
# @return [self]
|
|
402
|
-
|
|
421
|
+
define_field(:expires) do |time|
|
|
403
422
|
with('Expires', time.httpdate)
|
|
404
423
|
end
|
|
405
424
|
|
|
406
425
|
# @param [String] prefix
|
|
407
426
|
# @see #expires
|
|
408
427
|
# @return [self]
|
|
409
|
-
|
|
428
|
+
define_field(:expires_starts_with) do |prefix|
|
|
410
429
|
starts_with('Expires', prefix)
|
|
411
430
|
end
|
|
412
431
|
|
|
413
432
|
# The minimum and maximum allowable size for the uploaded content.
|
|
414
433
|
# @param [Range<Integer>] byte_range
|
|
415
434
|
# @return [self]
|
|
416
|
-
|
|
435
|
+
define_field(:content_length_range) do |byte_range|
|
|
417
436
|
min = byte_range.begin
|
|
418
437
|
max = byte_range.end
|
|
419
438
|
max -= 1 if byte_range.exclude_end?
|
|
@@ -492,7 +511,7 @@ module Aws
|
|
|
492
511
|
# prefixed with "x-amz-meta-".
|
|
493
512
|
# @param [Hash<String,String>] hash
|
|
494
513
|
# @return [self]
|
|
495
|
-
|
|
514
|
+
define_field(:metadata) do |hash|
|
|
496
515
|
hash.each do |key, value|
|
|
497
516
|
with("x-amz-meta-#{key}", value)
|
|
498
517
|
end
|
|
@@ -503,7 +522,7 @@ module Aws
|
|
|
503
522
|
# @param [Hash<String,String>] hash
|
|
504
523
|
# @see #metadata
|
|
505
524
|
# @return [self]
|
|
506
|
-
|
|
525
|
+
define_field(:metadata_starts_with) do |hash|
|
|
507
526
|
hash.each do |key, value|
|
|
508
527
|
starts_with("x-amz-meta-#{key}", value)
|
|
509
528
|
end
|
|
@@ -561,7 +580,7 @@ module Aws
|
|
|
561
580
|
# @param [String] value
|
|
562
581
|
# @see #server_side_encryption_customer_algorithm
|
|
563
582
|
# @return [self]
|
|
564
|
-
|
|
583
|
+
define_field(:server_side_encryption_customer_key) do |value|
|
|
565
584
|
field_name = 'x-amz-server-side-encryption-customer-key'
|
|
566
585
|
with(field_name, base64(value))
|
|
567
586
|
with(field_name + '-MD5', base64(OpenSSL::Digest::MD5.digest(value)))
|
|
@@ -570,7 +589,7 @@ module Aws
|
|
|
570
589
|
# @param [String] prefix
|
|
571
590
|
# @see #server_side_encryption_customer_key
|
|
572
591
|
# @return [self]
|
|
573
|
-
|
|
592
|
+
define_field(:server_side_encryption_customer_key_starts_with) do |prefix|
|
|
574
593
|
field_name = 'x-amz-server-side-encryption-customer-key'
|
|
575
594
|
starts_with(field_name, prefix)
|
|
576
595
|
end
|
data/lib/aws-sdk-s3/presigner.rb
CHANGED
|
@@ -138,6 +138,7 @@ module Aws
|
|
|
138
138
|
|
|
139
139
|
req = @client.build_request(method, params)
|
|
140
140
|
use_bucket_as_hostname(req) if virtual_host
|
|
141
|
+
handle_presigned_url_context(req)
|
|
141
142
|
|
|
142
143
|
x_amz_headers = sign_but_dont_send(
|
|
143
144
|
req, expires_in, scheme, time, unsigned_headers, hoist
|
|
@@ -183,6 +184,17 @@ module Aws
|
|
|
183
184
|
end
|
|
184
185
|
end
|
|
185
186
|
|
|
187
|
+
# Used for excluding presigned_urls from API request count.
|
|
188
|
+
#
|
|
189
|
+
# Store context information as early as possible, to allow
|
|
190
|
+
# handlers to perform decisions based on this flag if need.
|
|
191
|
+
def handle_presigned_url_context(req)
|
|
192
|
+
req.handle(step: :initialize, priority: 98) do |context|
|
|
193
|
+
context[:presigned_url] = true
|
|
194
|
+
@handler.call(context)
|
|
195
|
+
end
|
|
196
|
+
end
|
|
197
|
+
|
|
186
198
|
# @param [Seahorse::Client::Request] req
|
|
187
199
|
def sign_but_dont_send(
|
|
188
200
|
req, expires_in, scheme, time, unsigned_headers, hoist = true
|
|
@@ -219,17 +231,23 @@ module Aws
|
|
|
219
231
|
end
|
|
220
232
|
http_req.endpoint.query = query.join('&') unless query.empty?
|
|
221
233
|
|
|
234
|
+
signing_algorithm = :sigv4
|
|
235
|
+
|
|
222
236
|
# If it's an ARN, get the resolved region and service
|
|
223
237
|
if (arn = context.metadata[:s3_arn])
|
|
224
238
|
region = arn[:resolved_region]
|
|
225
239
|
service = arn[:arn].service
|
|
240
|
+
region = arn[:arn].is_a?(MultiRegionAccessPointARN) ? '*': arn[:resolved_region]
|
|
241
|
+
signing_algorithm = arn[:arn].is_a?(MultiRegionAccessPointARN) ? :sigv4a : :sigv4
|
|
226
242
|
end
|
|
227
243
|
|
|
228
244
|
signer = Aws::Sigv4::Signer.new(
|
|
229
245
|
service: service || 's3',
|
|
230
246
|
region: region || context.config.region,
|
|
247
|
+
signing_algorithm: signing_algorithm,
|
|
231
248
|
credentials_provider: context.config.credentials,
|
|
232
249
|
unsigned_headers: unsigned_headers,
|
|
250
|
+
apply_checksum_header: false,
|
|
233
251
|
uri_escape_path: false
|
|
234
252
|
)
|
|
235
253
|
|
|
@@ -242,9 +260,6 @@ module Aws
|
|
|
242
260
|
time: time
|
|
243
261
|
).to_s
|
|
244
262
|
|
|
245
|
-
# Used for excluding presigned_urls from API request count
|
|
246
|
-
context[:presigned_url] = true
|
|
247
|
-
|
|
248
263
|
Seahorse::Client::Response.new(context: context, data: url)
|
|
249
264
|
end
|
|
250
265
|
# Return the headers
|
data/lib/aws-sdk-s3/resource.rb
CHANGED
|
@@ -49,6 +49,7 @@ module Aws::S3
|
|
|
49
49
|
# grant_write: "GrantWrite",
|
|
50
50
|
# grant_write_acp: "GrantWriteACP",
|
|
51
51
|
# object_lock_enabled_for_bucket: false,
|
|
52
|
+
# object_ownership: "BucketOwnerPreferred", # accepts BucketOwnerPreferred, ObjectWriter, BucketOwnerEnforced
|
|
52
53
|
# })
|
|
53
54
|
# @param [Hash] options ({})
|
|
54
55
|
# @option options [String] :acl
|
|
@@ -65,13 +66,32 @@ module Aws::S3
|
|
|
65
66
|
# @option options [String] :grant_read_acp
|
|
66
67
|
# Allows grantee to read the bucket ACL.
|
|
67
68
|
# @option options [String] :grant_write
|
|
68
|
-
# Allows grantee to create
|
|
69
|
-
#
|
|
69
|
+
# Allows grantee to create new objects in the bucket.
|
|
70
|
+
#
|
|
71
|
+
# For the bucket and object owners of existing objects, also allows
|
|
72
|
+
# deletions and overwrites of those objects.
|
|
70
73
|
# @option options [String] :grant_write_acp
|
|
71
74
|
# Allows grantee to write the ACL for the applicable bucket.
|
|
72
75
|
# @option options [Boolean] :object_lock_enabled_for_bucket
|
|
73
76
|
# Specifies whether you want S3 Object Lock to be enabled for the new
|
|
74
77
|
# bucket.
|
|
78
|
+
# @option options [String] :object_ownership
|
|
79
|
+
# The container element for object ownership for a bucket's ownership
|
|
80
|
+
# controls.
|
|
81
|
+
#
|
|
82
|
+
# BucketOwnerPreferred - Objects uploaded to the bucket change ownership
|
|
83
|
+
# to the bucket owner if the objects are uploaded with the
|
|
84
|
+
# `bucket-owner-full-control` canned ACL.
|
|
85
|
+
#
|
|
86
|
+
# ObjectWriter - The uploading account will own the object if the object
|
|
87
|
+
# is uploaded with the `bucket-owner-full-control` canned ACL.
|
|
88
|
+
#
|
|
89
|
+
# BucketOwnerEnforced - Access control lists (ACLs) are disabled and no
|
|
90
|
+
# longer affect permissions. The bucket owner automatically owns and has
|
|
91
|
+
# full control over every object in the bucket. The bucket only accepts
|
|
92
|
+
# PUT requests that don't specify an ACL or bucket owner full control
|
|
93
|
+
# ACLs, such as the `bucket-owner-full-control` canned ACL or an
|
|
94
|
+
# equivalent form of this ACL expressed in the XML format.
|
|
75
95
|
# @return [Bucket]
|
|
76
96
|
def create_bucket(options = {})
|
|
77
97
|
@client.create_bucket(options)
|