You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
230 lines
8.0 KiB
230 lines
8.0 KiB
// Code generated by smithy-go-codegen DO NOT EDIT.
|
|
|
|
package s3
|
|
|
|
import (
|
|
"context"
|
|
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
|
|
"github.com/aws/aws-sdk-go-v2/aws/signer/v4"
|
|
internalChecksum "github.com/aws/aws-sdk-go-v2/service/internal/checksum"
|
|
s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations"
|
|
"github.com/aws/aws-sdk-go-v2/service/s3/types"
|
|
"github.com/aws/smithy-go/middleware"
|
|
smithyhttp "github.com/aws/smithy-go/transport/http"
|
|
)
|
|
|
|
// Applies an Amazon S3 bucket policy to an Amazon S3 bucket. If you are using an
|
|
// identity other than the root user of the Amazon Web Services account that owns
|
|
// the bucket, the calling identity must have the PutBucketPolicy permissions on
|
|
// the specified bucket and belong to the bucket owner's account in order to use
|
|
// this operation. If you don't have PutBucketPolicy permissions, Amazon S3 returns
|
|
// a 403 Access Denied error. If you have the correct permissions, but you're not
|
|
// using an identity that belongs to the bucket owner's account, Amazon S3 returns
|
|
// a 405 Method Not Allowed error. As a security precaution, the root user of the
|
|
// Amazon Web Services account that owns a bucket can always use this operation,
|
|
// even if the policy explicitly denies the root user the ability to perform this
|
|
// action. For more information, see Bucket policy examples
|
|
// (https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html).
|
|
// The following operations are related to PutBucketPolicy:
|
|
//
|
|
// * CreateBucket
|
|
// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html)
|
|
//
|
|
// *
|
|
// DeleteBucket
|
|
// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html)
|
|
func (c *Client) PutBucketPolicy(ctx context.Context, params *PutBucketPolicyInput, optFns ...func(*Options)) (*PutBucketPolicyOutput, error) {
|
|
if params == nil {
|
|
params = &PutBucketPolicyInput{}
|
|
}
|
|
|
|
result, metadata, err := c.invokeOperation(ctx, "PutBucketPolicy", params, optFns, c.addOperationPutBucketPolicyMiddlewares)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
out := result.(*PutBucketPolicyOutput)
|
|
out.ResultMetadata = metadata
|
|
return out, nil
|
|
}
|
|
|
|
type PutBucketPolicyInput struct {
|
|
|
|
// The name of the bucket.
|
|
//
|
|
// This member is required.
|
|
Bucket *string
|
|
|
|
// The bucket policy as a JSON document.
|
|
//
|
|
// This member is required.
|
|
Policy *string
|
|
|
|
// Indicates the algorithm used to create the checksum for the object when using
|
|
// the SDK. This header will not provide any additional functionality if not using
|
|
// the SDK. When sending this header, there must be a corresponding x-amz-checksum
|
|
// or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with the
|
|
// HTTP status code 400 Bad Request. For more information, see Checking object
|
|
// integrity
|
|
// (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html)
|
|
// in the Amazon S3 User Guide. If you provide an individual checksum, Amazon S3
|
|
// ignores any provided ChecksumAlgorithm parameter.
|
|
ChecksumAlgorithm types.ChecksumAlgorithm
|
|
|
|
// Set this parameter to true to confirm that you want to remove your permissions
|
|
// to change this bucket policy in the future.
|
|
ConfirmRemoveSelfBucketAccess bool
|
|
|
|
// The MD5 hash of the request body. For requests made using the Amazon Web
|
|
// Services Command Line Interface (CLI) or Amazon Web Services SDKs, this field is
|
|
// calculated automatically.
|
|
ContentMD5 *string
|
|
|
|
// The account ID of the expected bucket owner. If the bucket is owned by a
|
|
// different account, the request fails with the HTTP status code 403 Forbidden
|
|
// (access denied).
|
|
ExpectedBucketOwner *string
|
|
|
|
noSmithyDocumentSerde
|
|
}
|
|
|
|
type PutBucketPolicyOutput struct {
|
|
// Metadata pertaining to the operation's result.
|
|
ResultMetadata middleware.Metadata
|
|
|
|
noSmithyDocumentSerde
|
|
}
|
|
|
|
func (c *Client) addOperationPutBucketPolicyMiddlewares(stack *middleware.Stack, options Options) (err error) {
|
|
err = stack.Serialize.Add(&awsRestxml_serializeOpPutBucketPolicy{}, middleware.After)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
err = stack.Deserialize.Add(&awsRestxml_deserializeOpPutBucketPolicy{}, middleware.After)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if err = addSetLoggerMiddleware(stack, options); err != nil {
|
|
return err
|
|
}
|
|
if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil {
|
|
return err
|
|
}
|
|
if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil {
|
|
return err
|
|
}
|
|
if err = addResolveEndpointMiddleware(stack, options); err != nil {
|
|
return err
|
|
}
|
|
if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil {
|
|
return err
|
|
}
|
|
if err = addRetryMiddlewares(stack, options); err != nil {
|
|
return err
|
|
}
|
|
if err = addHTTPSignerV4Middleware(stack, options); err != nil {
|
|
return err
|
|
}
|
|
if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil {
|
|
return err
|
|
}
|
|
if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil {
|
|
return err
|
|
}
|
|
if err = addClientUserAgent(stack); err != nil {
|
|
return err
|
|
}
|
|
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
|
|
return err
|
|
}
|
|
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
|
|
return err
|
|
}
|
|
if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil {
|
|
return err
|
|
}
|
|
if err = addOpPutBucketPolicyValidationMiddleware(stack); err != nil {
|
|
return err
|
|
}
|
|
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opPutBucketPolicy(options.Region), middleware.Before); err != nil {
|
|
return err
|
|
}
|
|
if err = addMetadataRetrieverMiddleware(stack); err != nil {
|
|
return err
|
|
}
|
|
if err = addPutBucketPolicyInputChecksumMiddlewares(stack, options); err != nil {
|
|
return err
|
|
}
|
|
if err = addPutBucketPolicyUpdateEndpoint(stack, options); err != nil {
|
|
return err
|
|
}
|
|
if err = addResponseErrorMiddleware(stack); err != nil {
|
|
return err
|
|
}
|
|
if err = v4.AddContentSHA256HeaderMiddleware(stack); err != nil {
|
|
return err
|
|
}
|
|
if err = disableAcceptEncodingGzip(stack); err != nil {
|
|
return err
|
|
}
|
|
if err = addRequestResponseLogging(stack, options); err != nil {
|
|
return err
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func newServiceMetadataMiddleware_opPutBucketPolicy(region string) *awsmiddleware.RegisterServiceMetadata {
|
|
return &awsmiddleware.RegisterServiceMetadata{
|
|
Region: region,
|
|
ServiceID: ServiceID,
|
|
SigningName: "s3",
|
|
OperationName: "PutBucketPolicy",
|
|
}
|
|
}
|
|
|
|
// getPutBucketPolicyRequestAlgorithmMember gets the request checksum algorithm
|
|
// value provided as input.
|
|
func getPutBucketPolicyRequestAlgorithmMember(input interface{}) (string, bool) {
|
|
in := input.(*PutBucketPolicyInput)
|
|
if len(in.ChecksumAlgorithm) == 0 {
|
|
return "", false
|
|
}
|
|
return string(in.ChecksumAlgorithm), true
|
|
}
|
|
|
|
func addPutBucketPolicyInputChecksumMiddlewares(stack *middleware.Stack, options Options) error {
|
|
return internalChecksum.AddInputMiddleware(stack, internalChecksum.InputMiddlewareOptions{
|
|
GetAlgorithm: getPutBucketPolicyRequestAlgorithmMember,
|
|
RequireChecksum: true,
|
|
EnableTrailingChecksum: false,
|
|
EnableComputeSHA256PayloadHash: true,
|
|
EnableDecodedContentLengthHeader: true,
|
|
})
|
|
}
|
|
|
|
// getPutBucketPolicyBucketMember returns a pointer to string denoting a provided
|
|
// bucket member valueand a boolean indicating if the input has a modeled bucket
|
|
// name,
|
|
func getPutBucketPolicyBucketMember(input interface{}) (*string, bool) {
|
|
in := input.(*PutBucketPolicyInput)
|
|
if in.Bucket == nil {
|
|
return nil, false
|
|
}
|
|
return in.Bucket, true
|
|
}
|
|
func addPutBucketPolicyUpdateEndpoint(stack *middleware.Stack, options Options) error {
|
|
return s3cust.UpdateEndpoint(stack, s3cust.UpdateEndpointOptions{
|
|
Accessor: s3cust.UpdateEndpointParameterAccessor{
|
|
GetBucketFromInput: getPutBucketPolicyBucketMember,
|
|
},
|
|
UsePathStyle: options.UsePathStyle,
|
|
UseAccelerate: options.UseAccelerate,
|
|
SupportsAccelerate: true,
|
|
TargetS3ObjectLambda: false,
|
|
EndpointResolver: options.EndpointResolver,
|
|
EndpointResolverOptions: options.EndpointOptions,
|
|
UseARNRegion: options.UseARNRegion,
|
|
DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints,
|
|
})
|
|
}
|