/// <summary> /// Display the contents of the ACL applied to the newly created bucket. /// </summary> /// <param name="acl">An S3AccessControlList for the newly created /// Amazon S3 bucket.</param> public static void DisplayACL(S3AccessControlList acl) { Console.WriteLine($"\nOwner: {acl.Owner}"); acl.Grants.ForEach(g => { Console.WriteLine($"{g.Grantee}, {g.Permission}"); }); }
private static async Task TestObjectACLTestAsync() { try { // Retrieve the ACL for the object. GetACLResponse aclResponse = await client.GetACLAsync(new GetACLRequest { BucketName = bucketName, Key = keyName }); S3AccessControlList acl = aclResponse.AccessControlList; // Retrieve the owner (we use this to re-add permissions after we clear the ACL). Owner owner = acl.Owner; // Clear existing grants. acl.Grants.Clear(); // Add a grant to reset the owner's full permission (the previous clear statement removed all permissions). S3Grant fullControlGrant = new S3Grant { Grantee = new S3Grantee { CanonicalUser = owner.Id }, Permission = S3Permission.FULL_CONTROL }; // Describe the grant for the permission using an email address. S3Grant grantUsingEmail = new S3Grant { Grantee = new S3Grantee { EmailAddress = emailAddress }, Permission = S3Permission.WRITE_ACP }; acl.Grants.AddRange(new List <S3Grant> { fullControlGrant, grantUsingEmail }); // Set a new ACL. PutACLResponse response = await client.PutACLAsync(new PutACLRequest { BucketName = bucketName, Key = keyName, AccessControlList = acl }); } catch (AmazonS3Exception amazonS3Exception) { Console.WriteLine("An AmazonS3Exception was thrown. Exception: " + amazonS3Exception.ToString()); } catch (Exception e) { Console.WriteLine("Exception: " + e.ToString()); } }
static async Task GetBucketACLAsync(string bucketName) { GetACLResponse response = await client.GetACLAsync(new GetACLRequest { BucketName = bucketName }); S3AccessControlList accessControlList = response.AccessControlList; }
/// <summary> /// Sets the S3 Objects's ACL /// </summary> /// <param name="acl">ACL assigned to the S3 object</param> public void SetACL(S3AccessControlList acl) { var request = new PutACLRequest { BucketName = this.linker.s3.bucket, Key = this.linker.s3.key, AccessControlList = acl }; this.s3ClientCache.GetClient(this.RegionAsEndpoint).PutACL(request); }
private static async Task GrantPermissionsToWriteLogsAsync() { var bucketACL = new S3AccessControlList(); var aclResponse = client.GetACL(new GetACLRequest { BucketName = targetBucketName }); bucketACL = aclResponse.AccessControlList; bucketACL.AddGrant(new S3Grantee { URI = "http://acs.amazonaws.com/groups/s3/LogDelivery" }, S3Permission.WRITE); bucketACL.AddGrant(new S3Grantee { URI = "http://acs.amazonaws.com/groups/s3/LogDelivery" }, S3Permission.READ_ACP); var setACLRequest = new PutACLRequest { AccessControlList = bucketACL, BucketName = targetBucketName }; await client.PutACLAsync(setACLRequest); }
private void setS3Permission(String bucketName, String key) { // Get the ACL for the file and retrieve the owner ID (not sure how to get it otherwise). GetACLRequest getAclRequest = new GetACLRequest().WithBucketName(bucketName).WithKey(key); GetACLResponse aclResponse = s3.GetACL(getAclRequest); Owner owner = aclResponse.AccessControlList.Owner; // Create a grantee as the MessageGears account S3Grantee grantee = new S3Grantee().WithCanonicalUser(properties.MessageGearsAWSCanonicalId, "MessageGears"); // Grant MessageGears Read-only access S3Permission messageGearsPermission = S3Permission.READ; S3AccessControlList acl = new S3AccessControlList().WithOwner(owner); acl.AddGrant(grantee, messageGearsPermission); // Create a new ACL granting the owner full control. grantee = new S3Grantee().WithCanonicalUser(owner.Id, "MyAWSId"); acl.AddGrant(grantee, S3Permission.FULL_CONTROL); SetACLRequest aclRequest = new SetACLRequest().WithACL(acl).WithBucketName(bucketName).WithKey(key); s3.SetACL(aclRequest); }
public void SetACL(string fileKey, bool anonymouseReadAccess) { SetACLRequest aclRequest = new SetACLRequest(); aclRequest.Key = fileKey; aclRequest.BucketName = BucketName; S3AccessControlList aclList = new S3AccessControlList(); Owner owner = new Owner(); owner.Id = "oyesil"; owner.DisplayName = ""; aclList.Owner = owner; if (anonymouseReadAccess) { S3Grantee grantPublicRead = new S3Grantee(); grantPublicRead.URI = " http://acs.amazonaws.com/groups/global/AllUsers"; aclList.AddGrant(grantPublicRead, S3Permission.READ); } //Authenticated user read access S3Grantee grantAuthenticatedRead = new S3Grantee(); grantAuthenticatedRead.URI = " http://acs.amazonaws.com/groups/global/AuthenticatedUsers"; aclList.AddGrant(grantAuthenticatedRead, S3Permission.READ); aclRequest.ACL = aclList; Amazon.S3.AmazonS3Client client = new Amazon.S3.AmazonS3Client(ConfigurationLibrary.Config.fileAmazonS3AccessKey, ConfigurationLibrary.Config.fileAmazonS3SecreyKey); SetACLResponse aclResponse = client.SetACL(aclRequest); client.Dispose(); }
public void AclSamples() { { #region PutACL Sample 1 // Create a client AmazonS3Client client = new AmazonS3Client(); // Set Canned ACL (PublicRead) for an existing item client.PutACL(new PutACLRequest { BucketName = "SampleBucket", Key = "Item1", CannedACL = S3CannedACL.PublicRead }); // Set Canned ACL (PublicRead) for an existing item // (This reverts ACL back to default for object) client.PutACL(new PutACLRequest { BucketName = "SampleBucket", Key = "Item1", CannedACL = S3CannedACL.Private }); #endregion } { #region GetACL\PutACL Samples // Create a client AmazonS3Client client = new AmazonS3Client(); // Retrieve ACL for object S3AccessControlList acl = client.GetACL(new GetACLRequest { BucketName = "SampleBucket", Key = "Item1", }).AccessControlList; // Retrieve owner Owner owner = acl.Owner; // Describe grant S3Grant grant = new S3Grant { Grantee = new S3Grantee { EmailAddress = "*****@*****.**" }, Permission = S3Permission.WRITE_ACP }; // Create new ACL S3AccessControlList newAcl = new S3AccessControlList { Grants = new List <S3Grant> { grant }, Owner = owner }; // Set new ACL PutACLResponse response = client.PutACL(new PutACLRequest { BucketName = "SampleBucket", Key = "Item1", AccessControlList = acl }); #endregion } }
static async Task AddACLToExistingObjectAsync(string bucketName, string keyName) { // Retrieve the ACL for an object. GetACLResponse aclResponse = await client.GetACLAsync(new GetACLRequest { BucketName = bucketName, Key = keyName }); S3AccessControlList acl = aclResponse.AccessControlList; // Retrieve the owner. Owner owner = acl.Owner; // Clear existing grants. acl.Grants.Clear(); // Add a grant to reset the owner's full permission // (the previous clear statement removed all permissions). S3Grant fullControlGrant = new S3Grant { Grantee = new S3Grantee { CanonicalUser = acl.Owner.Id } }; acl.AddGrant(fullControlGrant.Grantee, S3Permission.FULL_CONTROL); // Specify email to identify grantee for granting permissions. S3Grant grantUsingEmail = new S3Grant { Grantee = new S3Grantee { EmailAddress = emailAddress }, Permission = S3Permission.WRITE_ACP }; // Specify log delivery group as grantee. S3Grant grantLogDeliveryGroup = new S3Grant { Grantee = new S3Grantee { URI = "http://acs.amazonaws.com/groups/s3/LogDelivery" }, Permission = S3Permission.WRITE }; // Create a new ACL. S3AccessControlList newAcl = new S3AccessControlList { Grants = new List <S3Grant> { grantUsingEmail, grantLogDeliveryGroup }, Owner = owner }; // Set the new ACL. PutACLResponse response = await client.PutACLAsync(new PutACLRequest { BucketName = bucketName, Key = keyName, AccessControlList = newAcl }); }
public IRequest Marshall(PutACLRequest putObjectAclRequest) { //IL_0006: Unknown result type (might be due to invalid IL or missing references) //IL_000c: Expected O, but got Unknown //IL_034a: Unknown result type (might be due to invalid IL or missing references) IRequest val = new DefaultRequest(putObjectAclRequest, "AmazonS3"); val.set_HttpMethod("PUT"); if (putObjectAclRequest.IsSetCannedACL()) { val.get_Headers().Add("x-amz-acl", S3Transforms.ToStringValue(ConstantClass.op_Implicit(putObjectAclRequest.CannedACL))); } val.set_ResourcePath(string.Format(CultureInfo.InvariantCulture, "/{0}/{1}", S3Transforms.ToStringValue(putObjectAclRequest.BucketName), S3Transforms.ToStringValue(putObjectAclRequest.Key))); val.AddSubResource("acl"); if (putObjectAclRequest.IsSetVersionId()) { val.AddSubResource("versionId", S3Transforms.ToStringValue(putObjectAclRequest.VersionId)); } StringWriter stringWriter = new StringWriter(CultureInfo.InvariantCulture); using (XmlWriter xmlWriter = XmlWriter.Create(stringWriter, new XmlWriterSettings { Encoding = Encoding.UTF8, OmitXmlDeclaration = true })) { S3AccessControlList accessControlList = putObjectAclRequest.AccessControlList; if (accessControlList != null) { xmlWriter.WriteStartElement("AccessControlPolicy", ""); List <S3Grant> grants = accessControlList.Grants; if (grants != null && grants.Count > 0) { xmlWriter.WriteStartElement("AccessControlList", ""); foreach (S3Grant item in grants) { xmlWriter.WriteStartElement("Grant", ""); if (item != null) { S3Grantee grantee = item.Grantee; if (grantee != null) { xmlWriter.WriteStartElement("Grantee", ""); if (grantee.IsSetType()) { xmlWriter.WriteAttributeString("xsi", "type", "http://www.w3.org/2001/XMLSchema-instance", ((object)grantee.Type).ToString()); } if (grantee.IsSetDisplayName()) { xmlWriter.WriteElementString("DisplayName", "", S3Transforms.ToXmlStringValue(grantee.DisplayName)); } if (grantee.IsSetEmailAddress()) { xmlWriter.WriteElementString("EmailAddress", "", S3Transforms.ToXmlStringValue(grantee.EmailAddress)); } if (grantee.IsSetCanonicalUser()) { xmlWriter.WriteElementString("ID", "", S3Transforms.ToXmlStringValue(grantee.CanonicalUser)); } if (grantee.IsSetURI()) { xmlWriter.WriteElementString("URI", "", S3Transforms.ToXmlStringValue(grantee.URI)); } xmlWriter.WriteEndElement(); } if (item.IsSetPermission()) { xmlWriter.WriteElementString("Permission", "", S3Transforms.ToXmlStringValue(ConstantClass.op_Implicit(item.Permission))); } } xmlWriter.WriteEndElement(); } xmlWriter.WriteEndElement(); Owner owner = accessControlList.Owner; if (owner != null) { xmlWriter.WriteStartElement("Owner", ""); if (owner.IsSetDisplayName()) { xmlWriter.WriteElementString("DisplayName", "", S3Transforms.ToXmlStringValue(owner.DisplayName)); } if (owner.IsSetId()) { xmlWriter.WriteElementString("ID", "", S3Transforms.ToXmlStringValue(owner.Id)); } xmlWriter.WriteEndElement(); } } xmlWriter.WriteEndElement(); } } try { string text = stringWriter.ToString(); val.set_Content(Encoding.UTF8.GetBytes(text)); val.get_Headers()["Content-Type"] = "application/xml"; string value = AmazonS3Util.GenerateChecksumForContent(text, fBase64Encode: true); val.get_Headers()["Content-MD5"] = value; return(val); } catch (EncoderFallbackException ex) { throw new AmazonServiceException("Unable to marshall request to XML", (Exception)ex); } }