RubyGems - fluent-plugin-s3 - Versions diffs - 1.0.0.rc8 → 1.0.0 - Mend

fluent-plugin-s3 1.0.0.rc8 → 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 23f48015111ef6d82e594f44bf13aacf1c1cae98
-  data.tar.gz: 426187af67d57eafeced8825d53a702c0a648b85
+  metadata.gz: 6484393067ca566165643a70c9bb844f3499cd00
+  data.tar.gz: 59a603dd4ebf2d53746d1c8b434e692c59d165d9
 SHA512:
-  metadata.gz: dde04abfd7cca7ab08e883a4dec05947aeb38eca90e356252b0331447defb562b51fc9f01558c832482254372b8a009d295ee7d10fd64332cb0b9fd4230541ee
-  data.tar.gz: d06679296f6552a54dea51b6eb26f0f8551f866e36e7afd26ff0b20565f914d40cf64d4c13491f41d71e8d150bcc659f8a274e9e46e9e482e10ea80b5df7f56d
+  metadata.gz: 0425f28aa5c45b2f514002e4c9555685099420a9912973abb901e8e60c54fb5e99fddbe8ca406a24dd40975214f68e66caa27c737b5928eb5281c5f9378e66c9
+  data.tar.gz: 8dd9b50f05b3cf0eea06a8e54e860b8c61b114c88a8e9879b5ae6d12213fc5368a690c4ccb279872d25d7e8c60d58cb9039a74d5980d95fcb2c70142b3142773

data/ChangeLog CHANGED

@@ -1,3 +1,13 @@
+Release 1.0.0 - 2017/11/15
+  * Use v0.14 API
+  * out_s3: Support canonical user id based grant permission
+  * out_s3: Use specified s3_object_key_format even if check_object is false
+  * out_s3: Add s3_metadata parameter
+  * out_s3: Add ssl_verify_peer parameter
+  * in_s3: Unescape S3 key
+  * Add use_bundled_cert parameter
 Release 0.8.0 - 2016/12/20
   * out_s3: Add check_object / check_bucket parameters for only put permission

data/README.md CHANGED

@@ -366,6 +366,39 @@ To use cross-account access, you will need to create a bucket policy granting
 the specific access required. Refer to the [AWS
 documentation](http://docs.aws.amazon.com/AmazonS3/latest/dev/example-walkthroughs-managing-access-example3.html) for examples.
+**grant_full_control**
+Allows grantee READ, READ_ACP, and WRITE_ACP permissions on the object.
+This is useful for cross-account access using IAM roles.
+Valid values are `id="Grantee-CanonicalUserID"`. Please specify the grantee's canonical user ID.
+e.g. `id="79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be"`
+Note that a canonical user ID is different from an AWS account ID.
+Please refer to [AWS documentation](https://docs.aws.amazon.com/general/latest/gr/acct-identifiers.html) for more details.
+**grant_read**
+Allows grantee to read the object data and its metadata.
+Valid values are `id="Grantee-CanonicalUserID"`. Please specify the grantee's canonical user ID.
+e.g. `id="79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be"`
+**grant_read_acp**
+Allows grantee to read the object ACL.
+Valid values are `id="Grantee-CanonicalUserID"`. Please specify the grantee's canonical user ID.
+e.g. `id="79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be"`
+**grant_write_acp**
+Allows grantee to write the ACL for the applicable object.
+Valid values are `id="Grantee-CanonicalUserID"`. Please specify the grantee's canonical user ID.
+e.g. `id="79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be"`
 **hex_random_length**
 The length of `%{hex_random}` placeholder. Default is 4 as written in
@@ -620,11 +653,24 @@ The long polling interval. Default is 20.
 The following is an example for a minimal IAM policy needed to write to an s3
 bucket (matches my-s3bucket/logs, my-s3bucket-test, etc.).
-    { "Statement": [
-     { "Effect":"Allow",
-       "Action":"s3:*",
-       "Resource":"arn:aws:s3:::my-s3bucket*"
-      } ]
+    {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "s3:ListBucket"
+          ],
+          "Resource": "arn:aws:s3:::my-s3bucket"
+        },
+        {
+          "Effect": "Allow",
+          "Action": [
+            "s3:PutObject"
+          ],
+          "Resource": "arn:aws:s3:::my-s3bucket/*"
+        }
+      ]
     }
 Note that the bucket must already exist and **auto_create_bucket** has no

data/VERSION CHANGED

	@@ -1 +1 @@
1	- 1.0.0~~.rc8~~
1	+ 1.0.0

data/lib/fluent/plugin/out_s3.rb CHANGED

@@ -88,6 +88,14 @@ module Fluent::Plugin
     config_param :storage_class, :string, default: "STANDARD"
     desc "Permission for the object in S3"
     config_param :acl, :string, default: nil
+    desc "Allows grantee READ, READ_ACP, and WRITE_ACP permissions on the object"
+    config_param :grant_full_control, :string, default: nil
+    desc "Allows grantee to read the object data and its metadata"
+    config_param :grant_read, :string, default: nil
+    desc "Allows grantee to read the object ACL"
+    config_param :grant_read_acp, :string, default: nil
+    desc "Allows grantee to write the ACL for the applicable object"
+    config_param :grant_write_acp, :string, default: nil
     desc "The length of `%{hex_random}` placeholder(4-16)"
     config_param :hex_random_length, :integer, default: 4
     desc "Overwrite already existing path"
@@ -286,6 +294,10 @@ module Fluent::Plugin
         put_options[:sse_customer_key] = @sse_customer_key if @sse_customer_key
         put_options[:sse_customer_key_md5] = @sse_customer_key_md5 if @sse_customer_key_md5
         put_options[:acl] = @acl if @acl
+        put_options[:grant_full_control] = @grant_full_control if @grant_full_control
+        put_options[:grant_read] = @grant_read if @grant_read
+        put_options[:grant_read_acp] = @grant_read_acp if @grant_read_acp
+        put_options[:grant_write_acp] = @grant_write_acp if @grant_write_acp
         if @s3_metadata
           put_options[:metadata] = {}

data/test/test_out_s3.rb CHANGED

@@ -140,6 +140,16 @@ class S3OutputTest < Test::Unit::TestCase
     assert_equal false, d.instance.check_object
   end
+  def test_configure_with_grant
+    conf = CONFIG.clone
+    conf << "\grant_full_control id='0123456789'\ngrant_read id='1234567890'\ngrant_read_acp id='2345678901'\ngrant_write_acp id='3456789012'\n"
+    d = create_driver(conf)
+    assert_equal "id='0123456789'", d.instance.grant_full_control
+    assert_equal "id='1234567890'", d.instance.grant_read
+    assert_equal "id='2345678901'", d.instance.grant_read_acp
+    assert_equal "id='3456789012'", d.instance.grant_write_acp
+  end
   def test_format
     d = create_driver

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: fluent-plugin-s3
 version: !ruby/object:Gem::Version
-  version: 1.0.0.rc8
+  version: 1.0.0
 platform: ruby
 authors:
 - Sadayuki Furuhashi
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2017-10-27 00:00:00.000000000 Z
+date: 2017-11-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: fluentd
@@ -150,9 +150,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">"
+  - - ">="
     - !ruby/object:Gem::Version
-      version: 1.3.1
+      version: '0'
 requirements: []
 rubyforge_project:
 rubygems_version: 2.6.13