RubyGems - s3-secure - Versions diffs - 0.6.0 → 0.7.0 - Mend

s3-secure 0.6.0 → 0.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (14) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +6 -0
data/lib/s3_secure/access_logs/enable.rb +11 -0
data/lib/s3_secure/backwards_compatibility.rb +20 -0
data/lib/s3_secure/policy/document/base.rb +1 -1
data/lib/s3_secure/policy/document/force_ssl_only_access.rb +1 -1
data/lib/s3_secure/policy/document/force_ssl_only_access_remove.rb +1 -1
data/lib/s3_secure/public_access/block.rb +1 -1
data/lib/s3_secure/public_access/list.rb +1 -1
data/lib/s3_secure/public_access/show.rb +2 -2
data/lib/s3_secure/public_access/unblock.rb +1 -1
data/lib/s3_secure/version.rb +1 -1
data/lib/s3_secure.rb +2 -0
metadata +4 -3

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 739695e06691bf9716545d0874b7a92bca5c739d78ebd7caee2458a45dbf767e
-  data.tar.gz: 2b9d47ad43044cd0b70e4063639d08c7963e8c144057ddc4b56556e07f7d7ee1
+  metadata.gz: 0e15a47d29daa735b3711252366efd5098a37deb8a462890247bc02e1a5142a5
+  data.tar.gz: d0e54444d2e786683ac9c04616df08b3ec967d1f6ae12a8623f9a1ae10161446
 SHA512:
-  metadata.gz: a68b9daf5ec3b047776a5e3e70ecf7aa680bb5fb685d911ff82d04c0baffd73b13e2d5acc3c899a241c10a2da7825de8b35a8fbe89116c95f515be1ee4b70017
-  data.tar.gz: 48346b04e0e720b004aec4b73ecb8da5c191b0f0018eceb9041a0b32fdd71f5a840a005be4df5daed95752af125770ceebc48e06b39b2131adb3c29af0463861
+  metadata.gz: 02773d9b0dec9ac2a707c00006419b0e454e29d8f56bf8752c2306481c9ac93f1ed8b07a24fdbeba0b8280b0b00c968636c6cfaa5e4db68237f6c7889434abcb
+  data.tar.gz: 6f83926d4bfe6ea06620e7901e13492770246ed31bfb1bb119f62546d20038e4576ce26997111dfc3539294cc34fdd2952aef8b90d7ba3d5314780c83c2b4b0d

data/CHANGELOG.md CHANGED Viewed

@@ -3,6 +3,12 @@
 All notable changes to this project will be documented in this file.
 This project *tries* to adhere to [Semantic Versioning](http://semver.org/), even before v1.0.
+## [0.7.0] - 2023-07-11
+- [#8](https://github.com/tongueroo/s3-secure/pull/8) fix s3.put_bucket_acl with s3.put_bucket_ownership_controls
+## [0.6.1] - 2021-12-30
+- [#6](https://github.com/tongueroo/s3-secure/pull/6) maintain backward compatibility terraspace_plugin_aws
 ## [0.6.0] - 2021-12-30
 - [#4](https://github.com/tongueroo/s3-secure/pull/4) refactor move directly related cli classes to subfolder
 - [#5](https://github.com/tongueroo/s3-secure/pull/5) add public access block support

data/lib/s3_secure/access_logs/enable.rb CHANGED Viewed

@@ -13,6 +13,17 @@ module S3Secure::AccessLogs
         return
       end
+      # require to add in order to use put_bucket_acl since this change
+      # https://aws.amazon.com/blogs/aws/amazon-s3-block-public-access-another-layer-of-protection-for-your-accounts-and-buckets/
+      s3.put_bucket_ownership_controls(
+        bucket: @bucket,
+        ownership_controls: { # required
+          rules: [ # required
+            {object_ownership: "ObjectWriter"}, # required, accepts BucketOwnerPreferred, ObjectWriter, BucketOwnerEnforced
+          ],
+        },
+      )
       s3.put_bucket_acl(
         bucket: @bucket,
         access_control_policy: @show.access_control_policy_with_log_delivery_permissions,

data/lib/s3_secure/backwards_compatibility.rb ADDED Viewed

@@ -0,0 +1,20 @@
+module S3Secure
+  module BackwardsCompatibility
+  end
+  module Encryption
+    CLI::Encryption::Enable = Encryption::Enable
+  end
+  module Policy
+    CLI::Policy::Enforce = Policy::Enforce
+  end
+  module Versioning
+    CLI::Versioning::Enable = Versioning::Enable
+  end
+  module Lifecycle
+    CLI::Lifecycle::Add = Lifecycle::Add
+  end
+  module AccessLogs
+    CLI::AccessLogs::Enable = AccessLogs::Enable
+  end
+end

data/lib/s3_secure/policy/document/base.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-module S3Secure::Policy::Document
+class S3Secure::Policy::Document
   class Base
     extend Memoist

data/lib/s3_secure/policy/document/force_ssl_only_access.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-module S3Secure::Policy::Document
+class S3Secure::Policy::Document
   class ForceSSLOnlyAccess < Base
     def policy_document
       if @bucket_policy.blank?

data/lib/s3_secure/policy/document/force_ssl_only_access_remove.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-module S3Secure::Policy::Document
+class S3Secure::Policy::Document
   class ForceSSLOnlyAccessRemove < Base
     def initialize(bucket, bucket_policy)
       # @bucket_policy is existing document policy

data/lib/s3_secure/public_access/block.rb CHANGED Viewed

@@ -10,7 +10,7 @@ module S3Secure::PublicAccess
           restrict_public_buckets: true,
         },
       )
-      $stderr.puts("Public access blocked for bucket: #{@bucket}")
+      say "Public access blocked for bucket: #{@bucket}"
       resp
     end
   end

data/lib/s3_secure/public_access/list.rb CHANGED Viewed

@@ -5,7 +5,7 @@ module S3Secure::PublicAccess
       presenter.header = ["Bucket", "Block Public Access?"]
       buckets.each do |bucket|
-        $stderr.puts "Getting bucket public access configuration for bucket #{bucket.color(:green)}"
+        say "Getting bucket public access configuration for bucket #{bucket.color(:green)}"
         blocked = Show.new(bucket: bucket).blocked?
         row = [bucket, blocked]

data/lib/s3_secure/public_access/show.rb CHANGED Viewed

@@ -4,10 +4,10 @@ module S3Secure::PublicAccess
       resp = s3.get_public_access_block(
         bucket: @bucket,
       )
-      $stderr.puts(resp.to_h)
+      say(resp.to_h)
       resp
     rescue Aws::S3::Errors::NoSuchPublicAccessBlockConfiguration
-      $stderr.puts "No public access block configuration found for bucket: #{@bucket}"
+      say "No public access block configuration found for bucket: #{@bucket}"
     end
     def blocked?

data/lib/s3_secure/public_access/unblock.rb CHANGED Viewed

@@ -4,7 +4,7 @@ module S3Secure::PublicAccess
       resp = s3.delete_public_access_block(
         bucket: @bucket,
       )
-      $stderr.puts("Removed public access block configuration for bucket: #{@bucket}")
+      say("Removed public access block configuration for bucket: #{@bucket}")
       resp
     end
   end

data/lib/s3_secure/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module S3Secure
-  VERSION = "0.6.0"
+  VERSION = "0.7.0"
 end

data/lib/s3_secure.rb CHANGED Viewed

@@ -14,3 +14,5 @@ S3Secure::Autoloader.setup
 module S3Secure
   class Error < StandardError; end
 end
+require_relative "s3_secure/backwards_compatibility"

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: s3-secure
 version: !ruby/object:Gem::Version
-  version: 0.6.0
+  version: 0.7.0
 platform: ruby
 authors:
 - Tung Nguyen
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2021-12-30 00:00:00.000000000 Z
+date: 2023-07-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -233,6 +233,7 @@ files:
 - lib/s3_secure/autoloader.rb
 - lib/s3_secure/aws_services.rb
 - lib/s3_secure/aws_services/s3.rb
+- lib/s3_secure/backwards_compatibility.rb
 - lib/s3_secure/cli.rb
 - lib/s3_secure/cli/access_logs.rb
 - lib/s3_secure/cli/base.rb
@@ -325,7 +326,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.32
+rubygems_version: 3.4.10
 signing_key:
 specification_version: 4
 summary: S3 Bucket security hardening tool