VictoriaMetrics/vendor/github.com/aws/aws-sdk-go/service/s3/endpoint.go

195 lines
5.9 KiB
Go
Raw Normal View History

2019-12-07 22:11:19 +01:00
package s3
import (
"net/url"
"strings"
"github.com/aws/aws-sdk-go/aws"
awsarn "github.com/aws/aws-sdk-go/aws/arn"
"github.com/aws/aws-sdk-go/aws/request"
2020-10-05 22:19:49 +02:00
"github.com/aws/aws-sdk-go/internal/s3shared"
"github.com/aws/aws-sdk-go/internal/s3shared/arn"
2019-12-07 22:11:19 +01:00
)
// Used by shapes with members decorated as endpoint ARN.
func parseEndpointARN(v string) (arn.Resource, error) {
return arn.ParseResource(v, accessPointResourceParser)
}
func accessPointResourceParser(a awsarn.ARN) (arn.Resource, error) {
resParts := arn.SplitResource(a.Resource)
switch resParts[0] {
case "accesspoint":
2020-10-05 22:19:49 +02:00
if a.Service != "s3" {
return arn.AccessPointARN{}, arn.InvalidARNError{ARN: a, Reason: "service is not s3"}
}
2019-12-07 22:11:19 +01:00
return arn.ParseAccessPointResource(a, resParts[1:])
2020-10-05 22:19:49 +02:00
case "outpost":
if a.Service != "s3-outposts" {
return arn.OutpostAccessPointARN{}, arn.InvalidARNError{ARN: a, Reason: "service is not s3-outposts"}
}
return parseOutpostAccessPointResource(a, resParts[1:])
2019-12-07 22:11:19 +01:00
default:
return nil, arn.InvalidARNError{ARN: a, Reason: "unknown resource type"}
}
}
2020-10-05 22:19:49 +02:00
// parseOutpostAccessPointResource attempts to parse the ARNs resource as an
// outpost access-point resource.
//
// Supported Outpost AccessPoint ARN format:
// - ARN format: arn:{partition}:s3-outposts:{region}:{accountId}:outpost/{outpostId}/accesspoint/{accesspointName}
// - example: arn:aws:s3-outposts:us-west-2:012345678901:outpost/op-1234567890123456/accesspoint/myaccesspoint
//
func parseOutpostAccessPointResource(a awsarn.ARN, resParts []string) (arn.OutpostAccessPointARN, error) {
// outpost accesspoint arn is only valid if service is s3-outposts
if a.Service != "s3-outposts" {
return arn.OutpostAccessPointARN{}, arn.InvalidARNError{ARN: a, Reason: "service is not s3-outposts"}
}
if len(resParts) == 0 {
return arn.OutpostAccessPointARN{}, arn.InvalidARNError{ARN: a, Reason: "outpost resource-id not set"}
}
if len(resParts) < 3 {
return arn.OutpostAccessPointARN{}, arn.InvalidARNError{
ARN: a, Reason: "access-point resource not set in Outpost ARN",
}
}
resID := strings.TrimSpace(resParts[0])
if len(resID) == 0 {
return arn.OutpostAccessPointARN{}, arn.InvalidARNError{ARN: a, Reason: "outpost resource-id not set"}
}
var outpostAccessPointARN = arn.OutpostAccessPointARN{}
switch resParts[1] {
case "accesspoint":
accessPointARN, err := arn.ParseAccessPointResource(a, resParts[2:])
if err != nil {
return arn.OutpostAccessPointARN{}, err
}
// set access-point arn
outpostAccessPointARN.AccessPointARN = accessPointARN
default:
return arn.OutpostAccessPointARN{}, arn.InvalidARNError{ARN: a, Reason: "access-point resource not set in Outpost ARN"}
}
// set outpost id
outpostAccessPointARN.OutpostID = resID
return outpostAccessPointARN, nil
}
2019-12-07 22:11:19 +01:00
func endpointHandler(req *request.Request) {
endpoint, ok := req.Params.(endpointARNGetter)
if !ok || !endpoint.hasEndpointARN() {
updateBucketEndpointFromParams(req)
return
}
resource, err := endpoint.getEndpointARN()
if err != nil {
2020-10-05 22:19:49 +02:00
req.Error = s3shared.NewInvalidARNError(nil, err)
2019-12-07 22:11:19 +01:00
return
}
2020-10-05 22:19:49 +02:00
resReq := s3shared.ResourceRequest{
2019-12-07 22:11:19 +01:00
Resource: resource,
Request: req,
}
2021-02-09 00:12:07 +01:00
if len(resReq.Request.ClientInfo.PartitionID) != 0 && resReq.IsCrossPartition() {
2020-10-05 22:19:49 +02:00
req.Error = s3shared.NewClientPartitionMismatchError(resource,
2019-12-07 22:11:19 +01:00
req.ClientInfo.PartitionID, aws.StringValue(req.Config.Region), nil)
return
}
if !resReq.AllowCrossRegion() && resReq.IsCrossRegion() {
2020-10-05 22:19:49 +02:00
req.Error = s3shared.NewClientRegionMismatchError(resource,
2019-12-07 22:11:19 +01:00
req.ClientInfo.PartitionID, aws.StringValue(req.Config.Region), nil)
return
}
switch tv := resource.(type) {
case arn.AccessPointARN:
err = updateRequestAccessPointEndpoint(req, tv)
if err != nil {
req.Error = err
}
2020-10-05 22:19:49 +02:00
case arn.OutpostAccessPointARN:
// outposts does not support FIPS regions
if resReq.ResourceConfiguredForFIPS() {
req.Error = s3shared.NewInvalidARNWithFIPSError(resource, nil)
return
}
err = updateRequestOutpostAccessPointEndpoint(req, tv)
if err != nil {
req.Error = err
}
2019-12-07 22:11:19 +01:00
default:
2020-10-05 22:19:49 +02:00
req.Error = s3shared.NewInvalidARNError(resource, nil)
2019-12-07 22:11:19 +01:00
}
}
func updateBucketEndpointFromParams(r *request.Request) {
bucket, ok := bucketNameFromReqParams(r.Params)
if !ok {
// Ignore operation requests if the bucket name was not provided
// if this is an input validation error the validation handler
// will report it.
return
}
updateEndpointForS3Config(r, bucket)
}
func updateRequestAccessPointEndpoint(req *request.Request, accessPoint arn.AccessPointARN) error {
// Accelerate not supported
if aws.BoolValue(req.Config.S3UseAccelerate) {
2020-10-05 22:19:49 +02:00
return s3shared.NewClientConfiguredForAccelerateError(accessPoint,
2019-12-07 22:11:19 +01:00
req.ClientInfo.PartitionID, aws.StringValue(req.Config.Region), nil)
}
2021-02-09 00:12:07 +01:00
// Ignore the disable host prefix for access points
2019-12-07 22:11:19 +01:00
req.Config.DisableEndpointHostPrefix = aws.Bool(false)
2020-10-05 22:19:49 +02:00
if err := accessPointEndpointBuilder(accessPoint).build(req); err != nil {
2019-12-07 22:11:19 +01:00
return err
}
removeBucketFromPath(req.HTTPRequest.URL)
return nil
}
2020-10-05 22:19:49 +02:00
func updateRequestOutpostAccessPointEndpoint(req *request.Request, accessPoint arn.OutpostAccessPointARN) error {
// Accelerate not supported
if aws.BoolValue(req.Config.S3UseAccelerate) {
return s3shared.NewClientConfiguredForAccelerateError(accessPoint,
req.ClientInfo.PartitionID, aws.StringValue(req.Config.Region), nil)
2019-12-07 22:11:19 +01:00
}
2020-10-05 22:19:49 +02:00
// Dualstack not supported
if aws.BoolValue(req.Config.UseDualStack) {
return s3shared.NewClientConfiguredForDualStackError(accessPoint,
req.ClientInfo.PartitionID, aws.StringValue(req.Config.Region), nil)
2019-12-07 22:11:19 +01:00
}
2021-02-09 00:12:07 +01:00
// Ignore the disable host prefix for access points
2020-10-05 22:19:49 +02:00
req.Config.DisableEndpointHostPrefix = aws.Bool(false)
2019-12-07 22:11:19 +01:00
2020-10-05 22:19:49 +02:00
if err := outpostAccessPointEndpointBuilder(accessPoint).build(req); err != nil {
2019-12-07 22:11:19 +01:00
return err
}
2020-10-05 22:19:49 +02:00
removeBucketFromPath(req.HTTPRequest.URL)
2019-12-07 22:11:19 +01:00
return nil
}
2020-10-05 22:19:49 +02:00
func removeBucketFromPath(u *url.URL) {
u.Path = strings.Replace(u.Path, "/{Bucket}", "", -1)
if u.Path == "" {
u.Path = "/"
2019-12-07 22:11:19 +01:00
}
}