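/// <summary>
/// Creates the configured Amazon S3 bucket when it does not exist yet and then applies a
/// public access block (all four settings enabled) to the newly created bucket.
/// </summary>
/// <remarks>
/// Nothing happens unless <c>CreateBucket</c> is set, the tenant state is not
/// <c>Uninitialized</c> and a bucket name is configured. Failures are logged, never thrown.
/// A bucket that already exists is left untouched: its public access settings are neither
/// inspected nor changed by this method.
/// </remarks>
public override async Task ActivatingAsync()
{
    if (!_options.CreateBucket ||
        _shellSettings.State == Environment.Shell.Models.TenantState.Uninitialized ||
        String.IsNullOrEmpty(_options.BucketName))
    {
        return;
    }

    _logger.LogDebug("Testing Amazon S3 Bucket {BucketName} existence", _options.BucketName);

    try
    {
        var isBucketExists = await AmazonS3Util.DoesS3BucketExistV2Async(_amazonS3Client, _options.BucketName);
        if (isBucketExists)
        {
            _logger.LogInformation("Amazon S3 Bucket {BucketName} already exists.", _options.BucketName);
            return;
        }

        var bucketRequest = new PutBucketRequest
        {
            BucketName = _options.BucketName,
            UseClientRegion = true
        };

        // Trying to create the bucket.
        var response = await _amazonS3Client.PutBucketAsync(bucketRequest);
        if (!response.IsSuccessful())
        {
            _logger.LogError("Unable to create Amazon S3 Bucket. {Response}", response);
            return;
        }
    }
    catch (Exception e)
    {
        _logger.LogError(e, "Unable to create Amazon S3 Bucket.");
        return;
    }

    // The bucket exists from here on. The public access block gets its own try/catch so that a
    // failure is reported as what it is: a created bucket whose block was not applied. The
    // existence check above returns early on later activations, so this step is not retried
    // automatically and the log entry is the only signal an operator gets.
    try
    {
        // Blocking public access for the newly created bucket.
        var blockConfiguration = new PublicAccessBlockConfiguration
        {
            BlockPublicAcls = true,
            BlockPublicPolicy = true,
            IgnorePublicAcls = true,
            RestrictPublicBuckets = true
        };

        await _amazonS3Client.PutPublicAccessBlockAsync(new PutPublicAccessBlockRequest
        {
            PublicAccessBlockConfiguration = blockConfiguration,
            BucketName = _options.BucketName
        });

        _logger.LogDebug("Amazon S3 Bucket {BucketName} created.", _options.BucketName);
    }
    catch (Exception e)
    {
        _logger.LogError(e, "Amazon S3 Bucket {BucketName} was created, but applying its public access block failed. Verify the bucket's public access settings.", _options.BucketName);
    }
}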
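/// <summary>
/// Creates a new S3 bucket in the client's region and then applies a public access block
/// (all four settings enabled) to it. Both calls block the calling thread until they finish.
/// </summary>
/// <param name="bucketName">Name of the bucket.</param>
/// <param name="disablePublicAccess">
/// Intended to select whether public access to the bucket is blocked. The method body does not
/// read this parameter: the public access block is applied with every setting enabled whatever
/// value is passed, so passing <c>false</c> does not make the bucket publicly accessible.
/// </param>
/// <exception cref="ArgumentNullException"><paramref name="bucketName"/> is null or empty.</exception>
/// <remarks>
/// An <see cref="AggregateException"/> raised by either call is written to the console and not
/// rethrown, so callers cannot detect a failure from the return path.
/// </remarks>
public void CreateBucket(string bucketName, bool disablePublicAccess = true)
{
    if (string.IsNullOrEmpty(bucketName))
    {
        throw new ArgumentNullException(nameof(bucketName));
    }

    // NOTE(review): disablePublicAccess is deliberately left unread here. Honouring `false`
    // would loosen what existing callers get today; decide on the contract before wiring it in.
    PutBucketRequest s3PutBucketRequest = new PutBucketRequest
    {
        BucketName = bucketName,
        UseClientRegion = true
    };

    // Tracks whether the first call completed, so the catch block can tell
    // "no bucket" apart from "bucket exists without its public access block".
    bool bucketCreated = false;

    try
    {
        PutBucketResponse s3PutBucketResponse = _client.PutBucketAsync(s3PutBucketRequest).Result;
        bucketCreated = true;
        Console.WriteLine($"HTTP status code : {s3PutBucketResponse.HttpStatusCode}");

        PublicAccessBlockConfiguration s3PublicAccessBlockConfiguration = new PublicAccessBlockConfiguration
        {
            BlockPublicAcls = true,
            BlockPublicPolicy = true,
            IgnorePublicAcls = true,
            RestrictPublicBuckets = true
        };

        PutPublicAccessBlockRequest s3PublicAccessBlockRequest = new PutPublicAccessBlockRequest
        {
            BucketName = bucketName,
            PublicAccessBlockConfiguration = s3PublicAccessBlockConfiguration
        };

        PutPublicAccessBlockResponse s3PutPublicAccessBlockResponse = _client.PutPublicAccessBlockAsync(s3PublicAccessBlockRequest).Result;
        Console.WriteLine($"HTTP status code : {s3PutPublicAccessBlockResponse.HttpStatusCode}");
    }
    catch (System.AggregateException ex)
    {
        if (ex.InnerException != null)
        {
            Console.WriteLine($"Message: {ex.InnerException.Message}");
        }

        if (bucketCreated)
        {
            // The bucket is live at this point; make the missing block visible instead of
            // leaving only a generic error message behind.
            Console.WriteLine($"Bucket {bucketName} was created, but applying its public access block failed.");
        }
    }
}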
/// <summary>
/// Test helper: puts a public access block with all four settings enabled on the bucket and
/// asserts that the service answered with HTTP 200.
/// </summary>
/// <param name="client">S3 client used for the call.</param>
/// <param name="bucketName">Bucket that receives the configuration.</param>
/// <param name="configuration">Receives the configuration that was sent, for later comparison.</param>
/// <returns>The response of the put call.</returns>
private PutPublicAccessBlockResponse Call_PutPublicAccessBlock(IAmazonS3 client, string bucketName, out PublicAccessBlockConfiguration configuration)
{
    var blockEverything = new PublicAccessBlockConfiguration();
    blockEverything.BlockPublicAcls = true;
    blockEverything.BlockPublicPolicy = true;
    blockEverything.IgnorePublicAcls = true;
    blockEverything.RestrictPublicBuckets = true;
    configuration = blockEverything;

    var request = new PutPublicAccessBlockRequest();
    request.BucketName = bucketName;
    request.PublicAccessBlockConfiguration = configuration;

    PutPublicAccessBlockResponse response = client.PutPublicAccessBlock(request);
    Assert.AreEqual(true, response.HttpStatusCode == HttpStatusCode.OK);

    return response;
}
/// <summary>
/// Round-trips each public access block setting on its own: for every setting, a configuration
/// with only that setting enabled is put on the bucket and then read back for comparison.
/// </summary>
public void TestGetPublicAccessBlock()
{
    var settingNames = new[]
    {
        nameof(PublicAccessBlockConfiguration.BlockPublicAcls),
        nameof(PublicAccessBlockConfiguration.BlockPublicPolicy),
        nameof(PublicAccessBlockConfiguration.IgnorePublicAcls),
        nameof(PublicAccessBlockConfiguration.RestrictPublicBuckets)
    };

    foreach (var settingName in settingNames)
    {
        // Start from a configuration with every setting switched off.
        var configuration = new PublicAccessBlockConfiguration();
        configuration.BlockPublicAcls = false;
        configuration.BlockPublicPolicy = false;
        configuration.IgnorePublicAcls = false;
        configuration.RestrictPublicBuckets = false;

        var putRequest = new PutPublicAccessBlockRequest();
        putRequest.BucketName = bucketName;
        putRequest.PublicAccessBlockConfiguration = configuration;

        // Enable just the setting under test; it is looked up by name through reflection.
        var settingType = putRequest.PublicAccessBlockConfiguration.GetType();
        System.Reflection.PropertyInfo setting = settingType.GetProperty(settingName);
        setting.SetValue(configuration, true);

        var putResponse = Client.PutPublicAccessBlock(putRequest);
        Assert.AreEqual(true, putResponse.HttpStatusCode == HttpStatusCode.OK);

        // Read the configuration back and compare it with what was sent.
        Call_GetPublicAccessBlock(Client, bucketName, configuration);
    }
}
/// <summary>
/// Test helper: reads the bucket's public access block and asserts that all four settings
/// equal <paramref name="expectedConfiguration"/>.
/// </summary>
/// <param name="client">S3 client used for the call.</param>
/// <param name="bucketName">Bucket whose configuration is read.</param>
/// <param name="expectedConfiguration">
/// Settings the bucket should report, or <c>null</c> when the configuration is expected to be
/// gone and the get call is expected to throw.
/// </param>
/// <returns>The get response whose settings matched the expectation.</returns>
private GetPublicAccessBlockResponse Call_GetPublicAccessBlock(IAmazonS3 client, string bucketName, PublicAccessBlockConfiguration expectedConfiguration)
{
    var getRequest = new GetPublicAccessBlockRequest();
    getRequest.BucketName = bucketName;

    if (expectedConfiguration == null)
    {
        // A null expectation means the configuration was removed, so the get call should throw.
        // Keep calling until that happens.
        // NOTE(review): presumably WaitUntilException lets the exception escape, which would make
        // the Assert.Fail below reachable only when none was thrown; confirm against the helper.
        UtilityMethods.WaitUntilException(() =>
        {
            client.GetPublicAccessBlock(getRequest);
        });

        Assert.Fail("An expected exception was not thrown");
    }

    // The poll callback yields the response once every setting matches, and null otherwise.
    var getResponse = S3TestUtils.WaitForConsistency(() =>
    {
        var candidate = client.GetPublicAccessBlock(getRequest);

        bool matchesExpectation =
            candidate.HttpStatusCode == HttpStatusCode.OK &&
            expectedConfiguration.BlockPublicAcls == candidate.PublicAccessBlockConfiguration.BlockPublicAcls &&
            expectedConfiguration.BlockPublicPolicy == candidate.PublicAccessBlockConfiguration.BlockPublicPolicy &&
            expectedConfiguration.IgnorePublicAcls == candidate.PublicAccessBlockConfiguration.IgnorePublicAcls &&
            expectedConfiguration.RestrictPublicBuckets == candidate.PublicAccessBlockConfiguration.RestrictPublicBuckets;

        return matchesExpectation ? candidate : null;
    });

    // Assert each setting separately so a mismatch names the setting that differs.
    Assert.AreEqual(expectedConfiguration.BlockPublicAcls, getResponse.PublicAccessBlockConfiguration.BlockPublicAcls);
    Assert.AreEqual(expectedConfiguration.BlockPublicPolicy, getResponse.PublicAccessBlockConfiguration.BlockPublicPolicy);
    Assert.AreEqual(expectedConfiguration.IgnorePublicAcls, getResponse.PublicAccessBlockConfiguration.IgnorePublicAcls);
    Assert.AreEqual(expectedConfiguration.RestrictPublicBuckets, getResponse.PublicAccessBlockConfiguration.RestrictPublicBuckets);

    return getResponse;
}
/// <summary>
/// Test helper: polls the bucket's public access block until all four settings equal
/// <paramref name="expectedConfiguration"/>, then asserts the status code and each setting.
/// </summary>
/// <param name="client">S3 client used for the call.</param>
/// <param name="bucketName">Bucket whose configuration is read.</param>
/// <param name="expectedConfiguration">
/// Settings the bucket should report, or <c>null</c> when the configuration is expected to be
/// gone and the get call is expected to throw.
/// </param>
/// <returns>The last get response received while polling.</returns>
private GetPublicAccessBlockResponse Call_GetPublicAccessBlock(IAmazonS3 client, string bucketName, PublicAccessBlockConfiguration expectedConfiguration)
{
    var getRequest = new GetPublicAccessBlockRequest();
    getRequest.BucketName = bucketName;

    GetPublicAccessBlockResponse getResponse = null;

    // NOTE(review): the values look like growing wait intervals and the trailing 30 like an
    // overall limit; confirm units against UtilityMethods.
    var sleeper = new UtilityMethods.ListSleeper(500, 1000, 2000, 5000, 10000, 15000);

    UtilityMethods.WaitUntil(() =>
    {
        getResponse = client.GetPublicAccessBlock(getRequest);

        if (expectedConfiguration == null)
        {
            // A null expectation means the configuration was removed, so the get call should
            // throw. Report "not done" so polling continues until that happens.
            return false;
        }

        if (getResponse.HttpStatusCode != HttpStatusCode.OK)
        {
            return false;
        }

        return expectedConfiguration.BlockPublicAcls == getResponse.PublicAccessBlockConfiguration.BlockPublicAcls
            && expectedConfiguration.BlockPublicPolicy == getResponse.PublicAccessBlockConfiguration.BlockPublicPolicy
            && expectedConfiguration.IgnorePublicAcls == getResponse.PublicAccessBlockConfiguration.IgnorePublicAcls
            && expectedConfiguration.RestrictPublicBuckets == getResponse.PublicAccessBlockConfiguration.RestrictPublicBuckets;
    }, sleeper, 30);

    Assert.AreEqual(true, getResponse != null && getResponse.HttpStatusCode == HttpStatusCode.OK);

    // Assert each setting separately so a mismatch names the setting that differs.
    Assert.AreEqual(expectedConfiguration.BlockPublicAcls, getResponse.PublicAccessBlockConfiguration.BlockPublicAcls);
    Assert.AreEqual(expectedConfiguration.BlockPublicPolicy, getResponse.PublicAccessBlockConfiguration.BlockPublicPolicy);
    Assert.AreEqual(expectedConfiguration.IgnorePublicAcls, getResponse.PublicAccessBlockConfiguration.IgnorePublicAcls);
    Assert.AreEqual(expectedConfiguration.RestrictPublicBuckets, getResponse.PublicAccessBlockConfiguration.RestrictPublicBuckets);

    return getResponse;
}