Documentation ¶
Overview ¶
Package s3control provides the client and types for making API requests to AWS S3 Control.
AWS S3 Control provides access to Amazon S3 control plane operations.
See https://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20 for more information on this service.
See s3control package documentation for more information. https://docs.aws.amazon.com/sdk-for-go/api/service/s3control/
Using the Client ¶
To contact AWS S3 Control with the SDK use the New function to create a new service client. With that client you can make API requests to the service. These clients are safe to use concurrently.
See the SDK's documentation for more information on how to use the SDK. https://docs.aws.amazon.com/sdk-for-go/api/
See aws.Config documentation for more information on configuring SDK clients. https://docs.aws.amazon.com/sdk-for-go/api/aws/#Config
See the AWS S3 Control client S3Control for more information on creating client for this service. https://docs.aws.amazon.com/sdk-for-go/api/service/s3control/#New
Index ¶
- Constants
- type DeletePublicAccessBlockInput
- type DeletePublicAccessBlockOutput
- type GetPublicAccessBlockInput
- type GetPublicAccessBlockOutput
- type PublicAccessBlockConfiguration
- func (s PublicAccessBlockConfiguration) GoString() string
- func (s *PublicAccessBlockConfiguration) SetBlockPublicAcls(v bool) *PublicAccessBlockConfiguration
- func (s *PublicAccessBlockConfiguration) SetBlockPublicPolicy(v bool) *PublicAccessBlockConfiguration
- func (s *PublicAccessBlockConfiguration) SetIgnorePublicAcls(v bool) *PublicAccessBlockConfiguration
- func (s *PublicAccessBlockConfiguration) SetRestrictPublicBuckets(v bool) *PublicAccessBlockConfiguration
- func (s PublicAccessBlockConfiguration) String() string
- type PutPublicAccessBlockInput
- func (s PutPublicAccessBlockInput) GoString() string
- func (s *PutPublicAccessBlockInput) SetAccountId(v string) *PutPublicAccessBlockInput
- func (s *PutPublicAccessBlockInput) SetPublicAccessBlockConfiguration(v *PublicAccessBlockConfiguration) *PutPublicAccessBlockInput
- func (s PutPublicAccessBlockInput) String() string
- func (s *PutPublicAccessBlockInput) Validate() error
- type PutPublicAccessBlockOutput
- type S3Control
- func (c *S3Control) DeletePublicAccessBlock(input *DeletePublicAccessBlockInput) (*DeletePublicAccessBlockOutput, error)
- func (c *S3Control) DeletePublicAccessBlockRequest(input *DeletePublicAccessBlockInput) (req *request.Request, output *DeletePublicAccessBlockOutput)
- func (c *S3Control) DeletePublicAccessBlockWithContext(ctx aws.Context, input *DeletePublicAccessBlockInput, opts ...request.Option) (*DeletePublicAccessBlockOutput, error)
- func (c *S3Control) GetPublicAccessBlock(input *GetPublicAccessBlockInput) (*GetPublicAccessBlockOutput, error)
- func (c *S3Control) GetPublicAccessBlockRequest(input *GetPublicAccessBlockInput) (req *request.Request, output *GetPublicAccessBlockOutput)
- func (c *S3Control) GetPublicAccessBlockWithContext(ctx aws.Context, input *GetPublicAccessBlockInput, opts ...request.Option) (*GetPublicAccessBlockOutput, error)
- func (c *S3Control) PutPublicAccessBlock(input *PutPublicAccessBlockInput) (*PutPublicAccessBlockOutput, error)
- func (c *S3Control) PutPublicAccessBlockRequest(input *PutPublicAccessBlockInput) (req *request.Request, output *PutPublicAccessBlockOutput)
- func (c *S3Control) PutPublicAccessBlockWithContext(ctx aws.Context, input *PutPublicAccessBlockInput, opts ...request.Option) (*PutPublicAccessBlockOutput, error)
Constants ¶
const ( ServiceName = "S3 Control" // Name of service. EndpointsID = "s3-control" // ID to lookup a service endpoint with. ServiceID = "S3 Control" // ServiceID is a unique identifer of a specific service. )
Service information constants
const ( // ErrCodeNoSuchPublicAccessBlockConfiguration for service response error code // "NoSuchPublicAccessBlockConfiguration". // // This exception is thrown if a GetPublicAccessBlock request is made against // an account that does not have a PublicAccessBlockConfiguration set. ErrCodeNoSuchPublicAccessBlockConfiguration = "NoSuchPublicAccessBlockConfiguration" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type DeletePublicAccessBlockInput ¶
type DeletePublicAccessBlockInput struct { // The Account ID for the Amazon Web Services account whose Public Access Block // configuration you want to remove. // // AccountId is a required field AccountId *string `location:"header" locationName:"x-amz-account-id" type:"string" required:"true"` // contains filtered or unexported fields }
func (DeletePublicAccessBlockInput) GoString ¶
func (s DeletePublicAccessBlockInput) GoString() string
GoString returns the string representation
func (*DeletePublicAccessBlockInput) SetAccountId ¶
func (s *DeletePublicAccessBlockInput) SetAccountId(v string) *DeletePublicAccessBlockInput
SetAccountId sets the AccountId field's value.
func (DeletePublicAccessBlockInput) String ¶
func (s DeletePublicAccessBlockInput) String() string
String returns the string representation
func (*DeletePublicAccessBlockInput) Validate ¶
func (s *DeletePublicAccessBlockInput) Validate() error
Validate inspects the fields of the type to determine if they are valid.
type DeletePublicAccessBlockOutput ¶
type DeletePublicAccessBlockOutput struct {
// contains filtered or unexported fields
}
func (DeletePublicAccessBlockOutput) GoString ¶
func (s DeletePublicAccessBlockOutput) GoString() string
GoString returns the string representation
func (DeletePublicAccessBlockOutput) String ¶
func (s DeletePublicAccessBlockOutput) String() string
String returns the string representation
type GetPublicAccessBlockInput ¶
type GetPublicAccessBlockInput struct { // The Account ID for the Amazon Web Services account whose Public Access Block // configuration you want to retrieve. // // AccountId is a required field AccountId *string `location:"header" locationName:"x-amz-account-id" type:"string" required:"true"` // contains filtered or unexported fields }
func (GetPublicAccessBlockInput) GoString ¶
func (s GetPublicAccessBlockInput) GoString() string
GoString returns the string representation
func (*GetPublicAccessBlockInput) SetAccountId ¶
func (s *GetPublicAccessBlockInput) SetAccountId(v string) *GetPublicAccessBlockInput
SetAccountId sets the AccountId field's value.
func (GetPublicAccessBlockInput) String ¶
func (s GetPublicAccessBlockInput) String() string
String returns the string representation
func (*GetPublicAccessBlockInput) Validate ¶
func (s *GetPublicAccessBlockInput) Validate() error
Validate inspects the fields of the type to determine if they are valid.
type GetPublicAccessBlockOutput ¶
type GetPublicAccessBlockOutput struct { // The Public Access Block configuration currently in effect for this Amazon // Web Services account. PublicAccessBlockConfiguration *PublicAccessBlockConfiguration `type:"structure"` // contains filtered or unexported fields }
func (GetPublicAccessBlockOutput) GoString ¶
func (s GetPublicAccessBlockOutput) GoString() string
GoString returns the string representation
func (*GetPublicAccessBlockOutput) SetPublicAccessBlockConfiguration ¶
func (s *GetPublicAccessBlockOutput) SetPublicAccessBlockConfiguration(v *PublicAccessBlockConfiguration) *GetPublicAccessBlockOutput
SetPublicAccessBlockConfiguration sets the PublicAccessBlockConfiguration field's value.
func (GetPublicAccessBlockOutput) String ¶
func (s GetPublicAccessBlockOutput) String() string
String returns the string representation
type PublicAccessBlockConfiguration ¶
type PublicAccessBlockConfiguration struct { // Specifies whether Amazon S3 should block public ACLs for buckets in this // account. Setting this element to TRUE causes the following behavior: // // * PUT Bucket acl and PUT Object acl calls will fail if the specified ACL // allows public access. // // * PUT Object calls will fail if the request includes an object ACL. // // Note that enabling this setting doesn't affect existing policies or ACLs. BlockPublicAcls *bool `locationName:"BlockPublicAcls" type:"boolean"` // Specifies whether Amazon S3 should block public bucket policies for buckets // in this account. Setting this element to TRUE causes Amazon S3 to reject // calls to PUT Bucket policy if the specified bucket policy allows public access. // // Note that enabling this setting doesn't affect existing bucket policies. BlockPublicPolicy *bool `locationName:"BlockPublicPolicy" type:"boolean"` // Specifies whether Amazon S3 should ignore public ACLs for buckets in this // account. Setting this element to TRUE causes Amazon S3 to ignore all public // ACLs on buckets in this account and any objects that they contain. // // Note that enabling this setting doesn't affect the persistence of any existing // ACLs and doesn't prevent new public ACLs from being set. IgnorePublicAcls *bool `locationName:"IgnorePublicAcls" type:"boolean"` // Specifies whether Amazon S3 should restrict public bucket policies for buckets // in this account. If this element is set to TRUE, then only the bucket owner // and AWS Services can access buckets with public policies. // // Note that enabling this setting doesn't affect previously stored bucket policies, // except that public and cross-account access within any public bucket policy, // including non-public delegation to specific accounts, is blocked. RestrictPublicBuckets *bool `locationName:"RestrictPublicBuckets" type:"boolean"` // contains filtered or unexported fields }
The container element for all Public Access Block configuration options. You can enable the configuration options in any combination.
Amazon S3 considers a bucket policy public unless at least one of the following conditions is true:
The policy limits access to a set of CIDRs using aws:SourceIp. For more information on CIDR, see http://www.rfc-editor.org/rfc/rfc4632.txt (http://www.rfc-editor.org/rfc/rfc4632.txt)
The policy grants permissions, not including any "bad actions," to one of the following:
A fixed AWS principal, user, role, or service principal ¶
A fixed aws:SourceArn
A fixed aws:SourceVpc
A fixed aws:SourceVpce
A fixed aws:SourceOwner
A fixed aws:SourceAccount
A fixed value of s3:x-amz-server-side-encryption-aws-kms-key-id
A fixed value of aws:userid outside the pattern "AROLEID:*"
"Bad actions" are those that could expose the data inside a bucket to reads or writes by the public. These actions are s3:Get*, s3:List*, s3:AbortMultipartUpload, s3:Delete*, s3:Put*, and s3:RestoreObject.
The star notation for bad actions indicates that all matching operations are considered bad actions. For example, because s3:Get* is a bad action, s3:GetObject, s3:GetObjectVersion, and s3:GetObjectAcl are all bad actions.
func (PublicAccessBlockConfiguration) GoString ¶
func (s PublicAccessBlockConfiguration) GoString() string
GoString returns the string representation
func (*PublicAccessBlockConfiguration) SetBlockPublicAcls ¶
func (s *PublicAccessBlockConfiguration) SetBlockPublicAcls(v bool) *PublicAccessBlockConfiguration
SetBlockPublicAcls sets the BlockPublicAcls field's value.
func (*PublicAccessBlockConfiguration) SetBlockPublicPolicy ¶
func (s *PublicAccessBlockConfiguration) SetBlockPublicPolicy(v bool) *PublicAccessBlockConfiguration
SetBlockPublicPolicy sets the BlockPublicPolicy field's value.
func (*PublicAccessBlockConfiguration) SetIgnorePublicAcls ¶
func (s *PublicAccessBlockConfiguration) SetIgnorePublicAcls(v bool) *PublicAccessBlockConfiguration
SetIgnorePublicAcls sets the IgnorePublicAcls field's value.
func (*PublicAccessBlockConfiguration) SetRestrictPublicBuckets ¶
func (s *PublicAccessBlockConfiguration) SetRestrictPublicBuckets(v bool) *PublicAccessBlockConfiguration
SetRestrictPublicBuckets sets the RestrictPublicBuckets field's value.
func (PublicAccessBlockConfiguration) String ¶
func (s PublicAccessBlockConfiguration) String() string
String returns the string representation
type PutPublicAccessBlockInput ¶
type PutPublicAccessBlockInput struct { // The Account ID for the Amazon Web Services account whose Public Access Block // configuration you want to set. // // AccountId is a required field AccountId *string `location:"header" locationName:"x-amz-account-id" type:"string" required:"true"` // The Public Access Block configuration that you want to apply to this Amazon // Web Services account. // // PublicAccessBlockConfiguration is a required field PublicAccessBlockConfiguration *PublicAccessBlockConfiguration `` /* 137-byte string literal not displayed */ // contains filtered or unexported fields }
func (PutPublicAccessBlockInput) GoString ¶
func (s PutPublicAccessBlockInput) GoString() string
GoString returns the string representation
func (*PutPublicAccessBlockInput) SetAccountId ¶
func (s *PutPublicAccessBlockInput) SetAccountId(v string) *PutPublicAccessBlockInput
SetAccountId sets the AccountId field's value.
func (*PutPublicAccessBlockInput) SetPublicAccessBlockConfiguration ¶
func (s *PutPublicAccessBlockInput) SetPublicAccessBlockConfiguration(v *PublicAccessBlockConfiguration) *PutPublicAccessBlockInput
SetPublicAccessBlockConfiguration sets the PublicAccessBlockConfiguration field's value.
func (PutPublicAccessBlockInput) String ¶
func (s PutPublicAccessBlockInput) String() string
String returns the string representation
func (*PutPublicAccessBlockInput) Validate ¶
func (s *PutPublicAccessBlockInput) Validate() error
Validate inspects the fields of the type to determine if they are valid.
type PutPublicAccessBlockOutput ¶
type PutPublicAccessBlockOutput struct {
// contains filtered or unexported fields
}
func (PutPublicAccessBlockOutput) GoString ¶
func (s PutPublicAccessBlockOutput) GoString() string
GoString returns the string representation
func (PutPublicAccessBlockOutput) String ¶
func (s PutPublicAccessBlockOutput) String() string
String returns the string representation
type S3Control ¶
S3Control provides the API operation methods for making requests to AWS S3 Control. See this package's package overview docs for details on the service.
S3Control methods are safe to use concurrently. It is not safe to modify mutate any of the struct's properties though.
func New ¶
func New(p client.ConfigProvider, cfgs ...*aws.Config) *S3Control
New creates a new instance of the S3Control client with a session. If additional configuration is needed for the client instance use the optional aws.Config parameter to add your extra config.
Example:
// Create a S3Control client from just a session. svc := s3control.New(mySession) // Create a S3Control client with additional configuration svc := s3control.New(mySession, aws.NewConfig().WithRegion("us-west-2"))
func (*S3Control) DeletePublicAccessBlock ¶
func (c *S3Control) DeletePublicAccessBlock(input *DeletePublicAccessBlockInput) (*DeletePublicAccessBlockOutput, error)
DeletePublicAccessBlock API operation for AWS S3 Control.
Removes the Public Access Block configuration for an Amazon Web Services account.
Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.
See the AWS API reference guide for AWS S3 Control's API operation DeletePublicAccessBlock for usage and error information. See also, https://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/DeletePublicAccessBlock
func (*S3Control) DeletePublicAccessBlockRequest ¶
func (c *S3Control) DeletePublicAccessBlockRequest(input *DeletePublicAccessBlockInput) (req *request.Request, output *DeletePublicAccessBlockOutput)
DeletePublicAccessBlockRequest generates a "aws/request.Request" representing the client's request for the DeletePublicAccessBlock operation. The "output" return value will be populated with the request's response once the request completes successfully.
Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.
See DeletePublicAccessBlock for more information on using the DeletePublicAccessBlock API call, and error handling.
This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.
// Example sending a request using the DeletePublicAccessBlockRequest method. req, resp := client.DeletePublicAccessBlockRequest(params) err := req.Send() if err == nil { // resp is now filled fmt.Println(resp) }
See also, https://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/DeletePublicAccessBlock
func (*S3Control) DeletePublicAccessBlockWithContext ¶
func (c *S3Control) DeletePublicAccessBlockWithContext(ctx aws.Context, input *DeletePublicAccessBlockInput, opts ...request.Option) (*DeletePublicAccessBlockOutput, error)
DeletePublicAccessBlockWithContext is the same as DeletePublicAccessBlock with the addition of the ability to pass a context and additional request options.
See DeletePublicAccessBlock for details on how to use this API operation.
The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.
func (*S3Control) GetPublicAccessBlock ¶
func (c *S3Control) GetPublicAccessBlock(input *GetPublicAccessBlockInput) (*GetPublicAccessBlockOutput, error)
GetPublicAccessBlock API operation for AWS S3 Control.
Retrieves the Public Access Block configuration for an Amazon Web Services account.
Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.
See the AWS API reference guide for AWS S3 Control's API operation GetPublicAccessBlock for usage and error information.
Returned Error Codes:
- ErrCodeNoSuchPublicAccessBlockConfiguration "NoSuchPublicAccessBlockConfiguration" This exception is thrown if a GetPublicAccessBlock request is made against an account that does not have a PublicAccessBlockConfiguration set.
See also, https://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/GetPublicAccessBlock
func (*S3Control) GetPublicAccessBlockRequest ¶
func (c *S3Control) GetPublicAccessBlockRequest(input *GetPublicAccessBlockInput) (req *request.Request, output *GetPublicAccessBlockOutput)
GetPublicAccessBlockRequest generates a "aws/request.Request" representing the client's request for the GetPublicAccessBlock operation. The "output" return value will be populated with the request's response once the request completes successfully.
Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.
See GetPublicAccessBlock for more information on using the GetPublicAccessBlock API call, and error handling.
This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.
// Example sending a request using the GetPublicAccessBlockRequest method. req, resp := client.GetPublicAccessBlockRequest(params) err := req.Send() if err == nil { // resp is now filled fmt.Println(resp) }
See also, https://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/GetPublicAccessBlock
func (*S3Control) GetPublicAccessBlockWithContext ¶
func (c *S3Control) GetPublicAccessBlockWithContext(ctx aws.Context, input *GetPublicAccessBlockInput, opts ...request.Option) (*GetPublicAccessBlockOutput, error)
GetPublicAccessBlockWithContext is the same as GetPublicAccessBlock with the addition of the ability to pass a context and additional request options.
See GetPublicAccessBlock for details on how to use this API operation.
The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.
func (*S3Control) PutPublicAccessBlock ¶
func (c *S3Control) PutPublicAccessBlock(input *PutPublicAccessBlockInput) (*PutPublicAccessBlockOutput, error)
PutPublicAccessBlock API operation for AWS S3 Control.
Creates or modifies the Public Access Block configuration for an Amazon Web Services account.
Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.
See the AWS API reference guide for AWS S3 Control's API operation PutPublicAccessBlock for usage and error information. See also, https://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/PutPublicAccessBlock
func (*S3Control) PutPublicAccessBlockRequest ¶
func (c *S3Control) PutPublicAccessBlockRequest(input *PutPublicAccessBlockInput) (req *request.Request, output *PutPublicAccessBlockOutput)
PutPublicAccessBlockRequest generates a "aws/request.Request" representing the client's request for the PutPublicAccessBlock operation. The "output" return value will be populated with the request's response once the request completes successfully.
Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.
See PutPublicAccessBlock for more information on using the PutPublicAccessBlock API call, and error handling.
This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.
// Example sending a request using the PutPublicAccessBlockRequest method. req, resp := client.PutPublicAccessBlockRequest(params) err := req.Send() if err == nil { // resp is now filled fmt.Println(resp) }
See also, https://docs.aws.amazon.com/goto/WebAPI/s3control-2018-08-20/PutPublicAccessBlock
func (*S3Control) PutPublicAccessBlockWithContext ¶
func (c *S3Control) PutPublicAccessBlockWithContext(ctx aws.Context, input *PutPublicAccessBlockInput, opts ...request.Option) (*PutPublicAccessBlockOutput, error)
PutPublicAccessBlockWithContext is the same as PutPublicAccessBlock with the addition of the ability to pass a context and additional request options.
See PutPublicAccessBlock for details on how to use this API operation.
The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.
Directories ¶
Path | Synopsis |
---|---|
Package s3controliface provides an interface to enable mocking the AWS S3 Control service client for testing your code.
|
Package s3controliface provides an interface to enable mocking the AWS S3 Control service client for testing your code. |