public EncryptionTestsV2() : base(KmsKeyIdProvider.Instance)
{
kmsKeyID = _kmsKeyIdProvider.GetKmsId();
var rsa = RSA.Create();
var aes = Aes.Create();
var asymmetricEncryptionMaterials = new EncryptionMaterialsV2(rsa, AsymmetricAlgorithmType.RsaOaepSha1);
var symmetricEncryptionMaterials = new EncryptionMaterialsV2(aes, SymmetricAlgorithmType.AesGcm);
var kmsEncryptionMaterials =
new EncryptionMaterialsV2(kmsKeyID, KmsType.KmsContext, new Dictionary <string, string>());
var fileConfig = new AmazonS3CryptoConfigurationV2(SecurityProfile.V2)
{
StorageMode = CryptoStorageMode.InstructionFile
};
var metadataConfig = new AmazonS3CryptoConfigurationV2(SecurityProfile.V2)
{
StorageMode = CryptoStorageMode.ObjectMetadata
};
s3EncryptionClientMetadataModeSymmetricWrap =
new AmazonS3EncryptionClientV2(metadataConfig, symmetricEncryptionMaterials);
RetryUtilities.ForceConfigureClient(s3EncryptionClientMetadataModeSymmetricWrap);
s3EncryptionClientFileModeSymmetricWrap =
new AmazonS3EncryptionClientV2(fileConfig, symmetricEncryptionMaterials);
RetryUtilities.ForceConfigureClient(s3EncryptionClientFileModeSymmetricWrap);
s3EncryptionClientMetadataModeAsymmetricWrap =
new AmazonS3EncryptionClientV2(metadataConfig, asymmetricEncryptionMaterials);
RetryUtilities.ForceConfigureClient(s3EncryptionClientMetadataModeAsymmetricWrap);
s3EncryptionClientFileModeAsymmetricWrap =
new AmazonS3EncryptionClientV2(fileConfig, asymmetricEncryptionMaterials);
RetryUtilities.ForceConfigureClient(s3EncryptionClientFileModeAsymmetricWrap);
s3EncryptionClientMetadataModeKMS = new AmazonS3EncryptionClientV2(metadataConfig, kmsEncryptionMaterials);
RetryUtilities.ForceConfigureClient(s3EncryptionClientMetadataModeKMS);
s3EncryptionClientFileModeKMS = new AmazonS3EncryptionClientV2(fileConfig, kmsEncryptionMaterials);
RetryUtilities.ForceConfigureClient(s3EncryptionClientFileModeKMS);
using (var writer = File.CreateText(filePath))
{
writer.Write(SampleContent);
}
bucketName = S3TestUtils.CreateBucketWithWait(s3EncryptionClientFileModeSymmetricWrap);
}
private static void TestLifecycleFilterPredicate(LifecycleFilterPredicate predicate, AmazonS3Client client = null)
{
var filter = new LifecycleFilter()
{
LifecycleFilterPredicate = predicate
};
var rule = new LifecycleRule
{
Filter = filter,
Status = LifecycleRuleStatus.Enabled,
Transitions = new List <LifecycleTransition>()
{
new LifecycleTransition
{
Days = 1,
StorageClass = S3StorageClass.Glacier
}
}
};
if (client == null)
{
client = Client;
}
client.PutLifecycleConfiguration(new PutLifecycleConfigurationRequest
{
BucketName = bucketName,
Configuration = new LifecycleConfiguration
{
Rules = new List <LifecycleRule>
{
rule
}
}
});
var actualConfig = S3TestUtils.WaitForConsistency(() =>
{
var res = client.GetLifecycleConfiguration(bucketName);
return(res.Configuration?.Rules?.Count == 1 ? res.Configuration : null);
});
Assert.IsNotNull(actualConfig);
Assert.IsNotNull(actualConfig.Rules);
Assert.AreEqual(1, actualConfig.Rules.Count);
AssertRulesAreEqual(rule, actualConfig.Rules[0]);
}
public EncryptionTestsV1InteropV2() : base(KmsKeyIdProvider.Instance)
{
kmsKeyID = _kmsKeyIdProvider.GetKmsId();
var rsa = RSA.Create();
var aes = Aes.Create();
var asymmetricEncryptionMaterialsV1 = new Amazon.S3.Encryption.EncryptionMaterials(rsa);
var asymmetricEncryptionMaterialsV2 = new EncryptionMaterialsV2(rsa, AsymmetricAlgorithmType.RsaOaepSha1);
var symmetricEncryptionMaterialsV1 = new Amazon.S3.Encryption.EncryptionMaterials(aes);
var symmetricEncryptionMaterialsV2 = new EncryptionMaterialsV2(aes, SymmetricAlgorithmType.AesGcm);
var kmsEncryptionMaterialsV1 = new Amazon.S3.Encryption.EncryptionMaterials(kmsKeyID);
var kmsEncryptionMaterialsV2 =
new EncryptionMaterialsV2(kmsKeyID, KmsType.KmsContext, new Dictionary <string, string>());
var configV1 = new Amazon.S3.Encryption.AmazonS3CryptoConfiguration
{
StorageMode = Amazon.S3.Encryption.CryptoStorageMode.InstructionFile
};
fileConfig = new AmazonS3CryptoConfigurationV2(SecurityProfile.V2AndLegacy)
{
StorageMode = CryptoStorageMode.InstructionFile
};
metadataConfig = new AmazonS3CryptoConfigurationV2(SecurityProfile.V2AndLegacy)
{
StorageMode = CryptoStorageMode.ObjectMetadata
};
s3EncryptionClientMetadataModeAsymmetricWrapV1 =
new Amazon.S3.Encryption.AmazonS3EncryptionClient(asymmetricEncryptionMaterialsV1);
s3EncryptionClientFileModeAsymmetricWrapV1 =
new Amazon.S3.Encryption.AmazonS3EncryptionClient(configV1, asymmetricEncryptionMaterialsV1);
s3EncryptionClientMetadataModeSymmetricWrapV1 =
new Amazon.S3.Encryption.AmazonS3EncryptionClient(symmetricEncryptionMaterialsV1);
s3EncryptionClientFileModeSymmetricWrapV1 =
new Amazon.S3.Encryption.AmazonS3EncryptionClient(configV1, symmetricEncryptionMaterialsV1);
s3EncryptionClientMetadataModeKMSV1 =
new Amazon.S3.Encryption.AmazonS3EncryptionClient(kmsEncryptionMaterialsV1);
s3EncryptionClientFileModeKMSV1 =
new Amazon.S3.Encryption.AmazonS3EncryptionClient(configV1, kmsEncryptionMaterialsV1);
s3EncryptionClientMetadataModeAsymmetricWrapV2 =
new AmazonS3EncryptionClientV2(metadataConfig, asymmetricEncryptionMaterialsV2);
s3EncryptionClientFileModeAsymmetricWrapV2 =
new AmazonS3EncryptionClientV2(fileConfig, asymmetricEncryptionMaterialsV2);
s3EncryptionClientMetadataModeSymmetricWrapV2 =
new AmazonS3EncryptionClientV2(metadataConfig, symmetricEncryptionMaterialsV2);
s3EncryptionClientFileModeSymmetricWrapV2 =
new AmazonS3EncryptionClientV2(fileConfig, symmetricEncryptionMaterialsV2);
s3EncryptionClientMetadataModeKMSV2 =
new AmazonS3EncryptionClientV2(metadataConfig, kmsEncryptionMaterialsV2);
s3EncryptionClientFileModeKMSV2 = new AmazonS3EncryptionClientV2(fileConfig, kmsEncryptionMaterialsV2);
using (var writer = File.CreateText(filePath))
{
writer.Write(SampleContent);
}
bucketName = S3TestUtils.CreateBucketWithWait(s3EncryptionClientFileModeAsymmetricWrapV1);
}
public void TestPipelineOperations()
{
var inputBucket = S3TestUtils.CreateBucket(s3Client);
var outputBucket = S3TestUtils.CreateBucket(s3Client);
var pipelineName = "sdktest-pipeline" + DateTime.Now.Ticks;
var roleName = "sdktest-ets-role" + DateTime.Now.Ticks;
var policyName = "Access_Policy";
var pipelineId = string.Empty;
var pipelineExists = false;
try
{
// Create a role with trust policy
var role = iamClient.CreateRole(new CreateRoleRequest
{
RoleName = roleName,
AssumeRolePolicyDocument = TrustPolicy
}).Role;
// Set access policy
iamClient.PutRolePolicy(new PutRolePolicyRequest
{
RoleName = roleName,
PolicyDocument = AccessPolicy,
PolicyName = policyName
});
Client.ListPipelines();
// Create Pipeline
var pipeline = Client.CreatePipeline(
new CreatePipelineRequest
{
Name = pipelineName,
InputBucket = inputBucket,
OutputBucket = outputBucket,
Notifications = new Notifications
{
},
Role = role.Arn,
AwsKmsKeyArn = kmsKeyArn
}).Pipeline;
pipelineExists = true;
Assert.IsNotNull(pipeline);
Assert.AreEqual(pipeline.Name, pipelineName);
Thread.Sleep(1000 * 5);
pipelineId = pipeline.Id;
// List Pipelines
var pipelines = Client.ListPipelines().Pipelines;
Assert.IsTrue(pipelines.Count > 0);
pipelines.Contains(pipeline);
// Get Pipeline
var readPipelineResult = Client.ReadPipeline(
new ReadPipelineRequest()
{
Id = pipelineId
});
Assert.AreEqual(readPipelineResult.Pipeline.Id, pipelineId);
// Update pipeline
Client.UpdatePipelineStatus(
new UpdatePipelineStatusRequest
{
Id = pipelineId,
Status = "Paused"
});
// Get pipeline
readPipelineResult = Client.ReadPipeline(
new ReadPipelineRequest {
Id = pipelineId
});
Assert.AreEqual("Paused".ToLower(), readPipelineResult.Pipeline.Status.ToLower());
// List jobs
var jobs = Client.ListJobsByPipeline(
new ListJobsByPipelineRequest
{
PipelineId = pipelineId,
Ascending = "true"
}).Jobs;
// Remove pipeline
Client.DeletePipeline(
new DeletePipelineRequest {
Id = pipelineId
});
pipelineExists = false;
AssertExtensions.ExpectException(() =>
{
readPipelineResult = Client.ReadPipeline(
new ReadPipelineRequest()
{
Id = pipelineId
});
}, typeof(ResourceNotFoundException));
}
finally
{
s3Client.DeleteBucket(new DeleteBucketRequest {
BucketName = inputBucket
});
s3Client.DeleteBucket(new DeleteBucketRequest {
BucketName = outputBucket
});
iamClient.DeleteRolePolicy(new DeleteRolePolicyRequest
{
RoleName = roleName,
PolicyName = policyName
});
iamClient.DeleteRole(new DeleteRoleRequest
{
RoleName = roleName
});
if (pipelineExists)
{
// Remove pipeline
Client.DeletePipeline(new DeletePipelineRequest {
Id = pipelineId
});
}
}
}
#pragma warning restore 0618
public EncryptionTestsV1InteropV1N() : base(KmsKeyIdProvider.Instance)
{
filePath = Path.Combine(Path.GetTempPath(), $"EncryptionPutObjectFile-{Guid.NewGuid()}.txt");
kmsKeyID = _kmsKeyIdProvider.GetKmsId();
var rsa = RSA.Create();
var aes = Aes.Create();
var asymmetricEncryptionMaterialsV1 = new Amazon.S3.Encryption.EncryptionMaterials(rsa);
var asymmetricEncryptionMaterialsV1N = new EncryptionMaterials(rsa);
var symmetricEncryptionMaterialsV1 = new Amazon.S3.Encryption.EncryptionMaterials(aes);
var symmetricEncryptionMaterialsV1N = new EncryptionMaterials(aes);
var kmsEncryptionMaterialsV1 = new Amazon.S3.Encryption.EncryptionMaterials(kmsKeyID);
var kmsEncryptionMaterialsV1N = new EncryptionMaterials(kmsKeyID);
var configV1 = new Amazon.S3.Encryption.AmazonS3CryptoConfiguration()
{
StorageMode = Amazon.S3.Encryption.CryptoStorageMode.InstructionFile
};
var configV1N = new AmazonS3CryptoConfiguration()
{
StorageMode = CryptoStorageMode.InstructionFile
};
s3EncryptionClientMetadataModeAsymmetricWrapV1 =
new Amazon.S3.Encryption.AmazonS3EncryptionClient(asymmetricEncryptionMaterialsV1);
RetryUtilities.ForceConfigureClient(s3EncryptionClientMetadataModeAsymmetricWrapV1);
s3EncryptionClientFileModeAsymmetricWrapV1 =
new Amazon.S3.Encryption.AmazonS3EncryptionClient(configV1, asymmetricEncryptionMaterialsV1);
RetryUtilities.ForceConfigureClient(s3EncryptionClientFileModeAsymmetricWrapV1);
s3EncryptionClientMetadataModeSymmetricWrapV1 =
new Amazon.S3.Encryption.AmazonS3EncryptionClient(symmetricEncryptionMaterialsV1);
RetryUtilities.ForceConfigureClient(s3EncryptionClientMetadataModeSymmetricWrapV1);
s3EncryptionClientFileModeSymmetricWrapV1 =
new Amazon.S3.Encryption.AmazonS3EncryptionClient(configV1, symmetricEncryptionMaterialsV1);
RetryUtilities.ForceConfigureClient(s3EncryptionClientFileModeSymmetricWrapV1);
s3EncryptionClientMetadataModeKMSV1 =
new Amazon.S3.Encryption.AmazonS3EncryptionClient(kmsEncryptionMaterialsV1);
RetryUtilities.ForceConfigureClient(s3EncryptionClientMetadataModeKMSV1);
s3EncryptionClientFileModeKMSV1 =
new Amazon.S3.Encryption.AmazonS3EncryptionClient(configV1, kmsEncryptionMaterialsV1);
RetryUtilities.ForceConfigureClient(s3EncryptionClientFileModeKMSV1);
s3EncryptionClientMetadataModeAsymmetricWrapV1N =
new AmazonS3EncryptionClient(asymmetricEncryptionMaterialsV1N);
RetryUtilities.ForceConfigureClient(s3EncryptionClientMetadataModeAsymmetricWrapV1N);
s3EncryptionClientFileModeAsymmetricWrapV1N =
new AmazonS3EncryptionClient(configV1N, asymmetricEncryptionMaterialsV1N);
RetryUtilities.ForceConfigureClient(s3EncryptionClientFileModeAsymmetricWrapV1N);
s3EncryptionClientMetadataModeSymmetricWrapV1N =
new AmazonS3EncryptionClient(symmetricEncryptionMaterialsV1N);
RetryUtilities.ForceConfigureClient(s3EncryptionClientMetadataModeSymmetricWrapV1N);
s3EncryptionClientFileModeSymmetricWrapV1N =
new AmazonS3EncryptionClient(configV1N, symmetricEncryptionMaterialsV1N);
RetryUtilities.ForceConfigureClient(s3EncryptionClientFileModeSymmetricWrapV1N);
s3EncryptionClientMetadataModeKMSV1N = new AmazonS3EncryptionClient(kmsEncryptionMaterialsV1N);
RetryUtilities.ForceConfigureClient(s3EncryptionClientMetadataModeKMSV1N);
s3EncryptionClientFileModeKMSV1N = new AmazonS3EncryptionClient(configV1N, kmsEncryptionMaterialsV1N);
RetryUtilities.ForceConfigureClient(s3EncryptionClientFileModeKMSV1N);
using (var writer = File.CreateText(filePath))
{
writer.Write(SampleContent);
}
bucketName = S3TestUtils.CreateBucketWithWait(s3EncryptionClientFileModeAsymmetricWrapV1);
}
public void Init()
{
bucketName = S3TestUtils.CreateBucket(Client);
}
public void LifecycleTest()
{
var s3Configuration = Client.GetLifecycleConfiguration(bucketName).Configuration;
Assert.IsNotNull(s3Configuration);
Assert.IsNotNull(s3Configuration.Rules);
Assert.AreEqual(0, s3Configuration.Rules.Count);
var configuration = new LifecycleConfiguration
{
Rules = new List <LifecycleRule>
{
new LifecycleRule
{
#pragma warning disable 618
Prefix = "rule1-",
#pragma warning restore 618
Status = LifecycleRuleStatus.Enabled,
Expiration = new LifecycleRuleExpiration
{
Days = 2,
},
#pragma warning disable 618
Transition = new LifecycleTransition
{
Days = 1,
StorageClass = S3StorageClass.Glacier
},
NoncurrentVersionTransition = new LifecycleRuleNoncurrentVersionTransition
{
NoncurrentDays = 14,
StorageClass = S3StorageClass.Glacier
},
#pragma warning restore 618
AbortIncompleteMultipartUpload = new LifecycleRuleAbortIncompleteMultipartUpload
{
DaysAfterInitiation = 7
}
},
new LifecycleRule
{
#pragma warning disable 618
Prefix = "rule2-",
#pragma warning restore 618
Expiration = new LifecycleRuleExpiration
{
Days = 120
},
Transitions = new List <LifecycleTransition>
{
new LifecycleTransition
{
Days = 30,
StorageClass = S3StorageClass.StandardInfrequentAccess
},
new LifecycleTransition
{
Days = 90,
StorageClass = S3StorageClass.Glacier
}
},
NoncurrentVersionTransitions = new List <LifecycleRuleNoncurrentVersionTransition>
{
new LifecycleRuleNoncurrentVersionTransition
{
NoncurrentDays = 30,
StorageClass = S3StorageClass.StandardInfrequentAccess
},
new LifecycleRuleNoncurrentVersionTransition
{
NoncurrentDays = 90,
StorageClass = S3StorageClass.Glacier
}
}
},
new LifecycleRule
{
#pragma warning disable 618
Prefix = "rule3-",
#pragma warning restore 618
Expiration = new LifecycleRuleExpiration
{
ExpiredObjectDeleteMarker = true
},
Transitions = new List <LifecycleTransition>
{
new LifecycleTransition
{
Days = 30,
StorageClass = S3StorageClass.StandardInfrequentAccess
},
new LifecycleTransition
{
Days = 90,
StorageClass = S3StorageClass.Glacier
}
},
NoncurrentVersionTransitions = new List <LifecycleRuleNoncurrentVersionTransition>
{
new LifecycleRuleNoncurrentVersionTransition
{
NoncurrentDays = 30,
StorageClass = S3StorageClass.StandardInfrequentAccess
},
new LifecycleRuleNoncurrentVersionTransition
{
NoncurrentDays = 90,
StorageClass = S3StorageClass.Glacier
}
}
}
}
};
Client.PutLifecycleConfiguration(new PutLifecycleConfigurationRequest
{
BucketName = bucketName,
Configuration = configuration
});
s3Configuration = S3TestUtils.WaitForConsistency(() =>
{
var res = Client.GetLifecycleConfiguration(bucketName);
return(res.Configuration?.Rules?.Count == configuration.Rules.Count ? res.Configuration : null);
});
string abortRuleId = null;
Assert.IsNotNull(s3Configuration);
Assert.IsNotNull(s3Configuration.Rules);
Assert.AreEqual(configuration.Rules.Count, s3Configuration.Rules.Count);
for (int i = 0; i < configuration.Rules.Count; i++)
{
var s3Rule = s3Configuration.Rules[i];
var rule = configuration.Rules[i];
Assert.IsNotNull(rule);
Assert.IsNotNull(s3Rule);
if (rule.AbortIncompleteMultipartUpload != null)
{
abortRuleId = s3Rule.Id;
}
AssertRulesAreEqual(rule, s3Rule);
}
var expectedMinAbortDate = DateTime.Now.Date.AddDays(7);
var initResponse = Client.InitiateMultipartUpload(new InitiateMultipartUploadRequest
{
BucketName = bucketName,
Key = "rule1-123",
CannedACL = S3CannedACL.PublicRead
});
var listResponse = Client.ListParts(bucketName, initResponse.Key, initResponse.UploadId);
Assert.AreEqual(abortRuleId, initResponse.AbortRuleId);
Assert.AreEqual(abortRuleId, listResponse.AbortRuleId);
Assert.AreEqual(initResponse.AbortDate, listResponse.AbortDate);
Assert.IsTrue(expectedMinAbortDate < initResponse.AbortDate);
}
public void LifecycleV2Test()
{
var s3Configuration = Client.GetLifecycleConfiguration(bucketName).Configuration;
Assert.IsNotNull(s3Configuration);
Assert.IsNotNull(s3Configuration.Rules);
Assert.AreEqual(0, s3Configuration.Rules.Count);
var configuration = new LifecycleConfiguration
{
Rules = new List <LifecycleRule>
{
new LifecycleRule
{
Filter = new LifecycleFilter
{
LifecycleFilterPredicate = new LifecycleAndOperator
{
Operands = new List <LifecycleFilterPredicate>
{
new LifecycleObjectSizeGreaterThanPredicate
{
ObjectSizeGreaterThan = 132000
},
new LifecycleObjectSizeLessThanPredicate
{
ObjectSizeLessThan = 422000
}
}
}
},
Transitions = new List <LifecycleTransition>
{
new LifecycleTransition
{
Days = 30,
StorageClass = S3StorageClass.StandardInfrequentAccess
},
new LifecycleTransition
{
Days = 90,
StorageClass = S3StorageClass.Glacier
}
}
}
}
};
Client.PutLifecycleConfiguration(new PutLifecycleConfigurationRequest
{
BucketName = bucketName,
Configuration = configuration
});
s3Configuration = S3TestUtils.WaitForConsistency(() =>
{
var res = Client.GetLifecycleConfiguration(bucketName);
return(res.Configuration?.Rules?.Count == configuration.Rules.Count ? res.Configuration : null);
});
string abortRuleId = null;
Assert.IsNotNull(s3Configuration);
Assert.IsNotNull(s3Configuration.Rules);
Assert.AreEqual(configuration.Rules.Count, s3Configuration.Rules.Count);
for (int i = 0; i < configuration.Rules.Count; i++)
{
var s3Rule = s3Configuration.Rules[i];
var rule = configuration.Rules[i];
Assert.IsNotNull(rule);
Assert.IsNotNull(s3Rule);
if (rule.AbortIncompleteMultipartUpload != null)
{
abortRuleId = s3Rule.Id;
}
AssertRulesAreEqual(rule, s3Rule);
}
}
