fluent-plugin-s3 1.0.0.rc8 → 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/ChangeLog +10 -0
- data/README.md +51 -5
- data/VERSION +1 -1
- data/lib/fluent/plugin/out_s3.rb +12 -0
- data/test/test_out_s3.rb +10 -0
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 6484393067ca566165643a70c9bb844f3499cd00
|
|
4
|
+
data.tar.gz: 59a603dd4ebf2d53746d1c8b434e692c59d165d9
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 0425f28aa5c45b2f514002e4c9555685099420a9912973abb901e8e60c54fb5e99fddbe8ca406a24dd40975214f68e66caa27c737b5928eb5281c5f9378e66c9
|
|
7
|
+
data.tar.gz: 8dd9b50f05b3cf0eea06a8e54e860b8c61b114c88a8e9879b5ae6d12213fc5368a690c4ccb279872d25d7e8c60d58cb9039a74d5980d95fcb2c70142b3142773
|
data/ChangeLog
CHANGED
|
@@ -1,3 +1,13 @@
|
|
|
1
|
+
Release 1.0.0 - 2017/11/15
|
|
2
|
+
|
|
3
|
+
* Use v0.14 API
|
|
4
|
+
* out_s3: Support canonical user id based grant permission
|
|
5
|
+
* out_s3: Use specified s3_object_key_format even if check_object is false
|
|
6
|
+
* out_s3: Add s3_metadata parameter
|
|
7
|
+
* out_s3: Add ssl_verify_peer parameter
|
|
8
|
+
* in_s3: Unescape S3 key
|
|
9
|
+
* Add use_bundled_cert parameter
|
|
10
|
+
|
|
1
11
|
Release 0.8.0 - 2016/12/20
|
|
2
12
|
|
|
3
13
|
* out_s3: Add check_object / check_bucket parameters for only put permission
|
data/README.md
CHANGED
|
@@ -366,6 +366,39 @@ To use cross-account access, you will need to create a bucket policy granting
|
|
|
366
366
|
the specific access required. Refer to the [AWS
|
|
367
367
|
documentation](http://docs.aws.amazon.com/AmazonS3/latest/dev/example-walkthroughs-managing-access-example3.html) for examples.
|
|
368
368
|
|
|
369
|
+
**grant_full_control**
|
|
370
|
+
|
|
371
|
+
Allows grantee READ, READ_ACP, and WRITE_ACP permissions on the object.
|
|
372
|
+
This is useful for cross-account access using IAM roles.
|
|
373
|
+
|
|
374
|
+
Valid values are `id="Grantee-CanonicalUserID"`. Please specify the grantee's canonical user ID.
|
|
375
|
+
|
|
376
|
+
e.g. `id="79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be"`
|
|
377
|
+
|
|
378
|
+
Note that a canonical user ID is different from an AWS account ID.
|
|
379
|
+
Please refer to [AWS documentation](https://docs.aws.amazon.com/general/latest/gr/acct-identifiers.html) for more details.
|
|
380
|
+
|
|
381
|
+
**grant_read**
|
|
382
|
+
|
|
383
|
+
Allows grantee to read the object data and its metadata.
|
|
384
|
+
Valid values are `id="Grantee-CanonicalUserID"`. Please specify the grantee's canonical user ID.
|
|
385
|
+
|
|
386
|
+
e.g. `id="79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be"`
|
|
387
|
+
|
|
388
|
+
**grant_read_acp**
|
|
389
|
+
|
|
390
|
+
Allows grantee to read the object ACL.
|
|
391
|
+
Valid values are `id="Grantee-CanonicalUserID"`. Please specify the grantee's canonical user ID.
|
|
392
|
+
|
|
393
|
+
e.g. `id="79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be"`
|
|
394
|
+
|
|
395
|
+
**grant_write_acp**
|
|
396
|
+
|
|
397
|
+
Allows grantee to write the ACL for the applicable object.
|
|
398
|
+
Valid values are `id="Grantee-CanonicalUserID"`. Please specify the grantee's canonical user ID.
|
|
399
|
+
|
|
400
|
+
e.g. `id="79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be"`
|
|
401
|
+
|
|
369
402
|
**hex_random_length**
|
|
370
403
|
|
|
371
404
|
The length of `%{hex_random}` placeholder. Default is 4 as written in
|
|
@@ -620,11 +653,24 @@ The long polling interval. Default is 20.
|
|
|
620
653
|
The following is an example for a minimal IAM policy needed to write to an s3
|
|
621
654
|
bucket (matches my-s3bucket/logs, my-s3bucket-test, etc.).
|
|
622
655
|
|
|
623
|
-
{
|
|
624
|
-
|
|
625
|
-
|
|
626
|
-
|
|
627
|
-
|
|
656
|
+
{
|
|
657
|
+
"Version": "2012-10-17",
|
|
658
|
+
"Statement": [
|
|
659
|
+
{
|
|
660
|
+
"Effect": "Allow",
|
|
661
|
+
"Action": [
|
|
662
|
+
"s3:ListBucket"
|
|
663
|
+
],
|
|
664
|
+
"Resource": "arn:aws:s3:::my-s3bucket"
|
|
665
|
+
},
|
|
666
|
+
{
|
|
667
|
+
"Effect": "Allow",
|
|
668
|
+
"Action": [
|
|
669
|
+
"s3:PutObject"
|
|
670
|
+
],
|
|
671
|
+
"Resource": "arn:aws:s3:::my-s3bucket/*"
|
|
672
|
+
}
|
|
673
|
+
]
|
|
628
674
|
}
|
|
629
675
|
|
|
630
676
|
Note that the bucket must already exist and **auto_create_bucket** has no
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.0.0
|
|
1
|
+
1.0.0
|
data/lib/fluent/plugin/out_s3.rb
CHANGED
|
@@ -88,6 +88,14 @@ module Fluent::Plugin
|
|
|
88
88
|
config_param :storage_class, :string, default: "STANDARD"
|
|
89
89
|
desc "Permission for the object in S3"
|
|
90
90
|
config_param :acl, :string, default: nil
|
|
91
|
+
desc "Allows grantee READ, READ_ACP, and WRITE_ACP permissions on the object"
|
|
92
|
+
config_param :grant_full_control, :string, default: nil
|
|
93
|
+
desc "Allows grantee to read the object data and its metadata"
|
|
94
|
+
config_param :grant_read, :string, default: nil
|
|
95
|
+
desc "Allows grantee to read the object ACL"
|
|
96
|
+
config_param :grant_read_acp, :string, default: nil
|
|
97
|
+
desc "Allows grantee to write the ACL for the applicable object"
|
|
98
|
+
config_param :grant_write_acp, :string, default: nil
|
|
91
99
|
desc "The length of `%{hex_random}` placeholder(4-16)"
|
|
92
100
|
config_param :hex_random_length, :integer, default: 4
|
|
93
101
|
desc "Overwrite already existing path"
|
|
@@ -286,6 +294,10 @@ module Fluent::Plugin
|
|
|
286
294
|
put_options[:sse_customer_key] = @sse_customer_key if @sse_customer_key
|
|
287
295
|
put_options[:sse_customer_key_md5] = @sse_customer_key_md5 if @sse_customer_key_md5
|
|
288
296
|
put_options[:acl] = @acl if @acl
|
|
297
|
+
put_options[:grant_full_control] = @grant_full_control if @grant_full_control
|
|
298
|
+
put_options[:grant_read] = @grant_read if @grant_read
|
|
299
|
+
put_options[:grant_read_acp] = @grant_read_acp if @grant_read_acp
|
|
300
|
+
put_options[:grant_write_acp] = @grant_write_acp if @grant_write_acp
|
|
289
301
|
|
|
290
302
|
if @s3_metadata
|
|
291
303
|
put_options[:metadata] = {}
|
data/test/test_out_s3.rb
CHANGED
|
@@ -140,6 +140,16 @@ class S3OutputTest < Test::Unit::TestCase
|
|
|
140
140
|
assert_equal false, d.instance.check_object
|
|
141
141
|
end
|
|
142
142
|
|
|
143
|
+
def test_configure_with_grant
|
|
144
|
+
conf = CONFIG.clone
|
|
145
|
+
conf << "\grant_full_control id='0123456789'\ngrant_read id='1234567890'\ngrant_read_acp id='2345678901'\ngrant_write_acp id='3456789012'\n"
|
|
146
|
+
d = create_driver(conf)
|
|
147
|
+
assert_equal "id='0123456789'", d.instance.grant_full_control
|
|
148
|
+
assert_equal "id='1234567890'", d.instance.grant_read
|
|
149
|
+
assert_equal "id='2345678901'", d.instance.grant_read_acp
|
|
150
|
+
assert_equal "id='3456789012'", d.instance.grant_write_acp
|
|
151
|
+
end
|
|
152
|
+
|
|
143
153
|
def test_format
|
|
144
154
|
d = create_driver
|
|
145
155
|
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: fluent-plugin-s3
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0.0
|
|
4
|
+
version: 1.0.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Sadayuki Furuhashi
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2017-
|
|
12
|
+
date: 2017-11-16 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: fluentd
|
|
@@ -150,9 +150,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
150
150
|
version: '0'
|
|
151
151
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
152
152
|
requirements:
|
|
153
|
-
- - "
|
|
153
|
+
- - ">="
|
|
154
154
|
- !ruby/object:Gem::Version
|
|
155
|
-
version:
|
|
155
|
+
version: '0'
|
|
156
156
|
requirements: []
|
|
157
157
|
rubyforge_project:
|
|
158
158
|
rubygems_version: 2.6.13
|