public void MarshallXMLWithExtraEncodingTest(string toEncode, string expectedEncoding)
{
var request = new PutBucketTaggingRequest()
{
AccountId = "0123456789",
Bucket = "foo",
Tagging = new Tagging()
{
TagSet = new List <S3Tag>()
{
new S3Tag {
Key = "foo", Value = toEncode
}
}
}
};
var internalRequest = S3ControlArnTestUtils.RunMockRequest(request, PutBucketTaggingRequestMarshaller.Instance, new AmazonS3ControlConfig {
RegionEndpoint = RegionEndpoint.USEast1
});
var requestContent = System.Text.Encoding.UTF8.GetString(internalRequest.Content);
Assert.IsFalse(requestContent.Contains(toEncode));
Assert.IsTrue(requestContent.Contains(expectedEncoding));
}
public void ThrowExceptionGetAccessPointCustomEndpointAndOutpostsCrossRegionRequest()
{
var request = new GetAccessPointRequest
{
Name = "arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint"
};
var config = CreateConfig("https://beta.example.com", Flags.None);
S3ControlArnTestUtils.RunMockRequest(request, GetAccessPointRequestMarshaller.Instance, config);
}
public void ThrowExceptionGetBucketCustomEndpointAndOutpostsDualstackNotSupported()
{
var request = new GetBucketRequest
{
Bucket = "arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:bucket:mybucket"
};
var config = CreateConfig("https://beta.example.com", Flags.Dualstack);
S3ControlArnTestUtils.RunMockRequest(request, GetBucketRequestMarshaller.Instance, config);
}
public void ArnIdSetFieldIdNotSet()
{
var outpostArn = "arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:bucket:mybucket";
var s3ControlConfig = new AmazonS3ControlConfig
{
UseArnRegion = true,
RegionEndpoint = RegionEndpoint.USWest2
};
var getBucketRequest = new GetBucketRequest
{
Bucket = outpostArn
};
var marshalledRequest = S3ControlArnTestUtils.RunMockRequest(getBucketRequest, GetBucketRequestMarshaller.Instance, s3ControlConfig);
Assert.AreEqual("123456789012", marshalledRequest.Headers["x-amz-account-id"]);
}
public void OutpostsBucketInputUSWest2UseArnRegionFalse()
{
var outpostsBucketArn = "arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:bucket:mybucket";
var s3ControlConfig = new AmazonS3ControlConfig
{
RegionEndpoint = RegionEndpoint.USWest2
};
var getBucketRequest = new GetBucketRequest
{
Bucket = outpostsBucketArn
};
var marshalledRequest = S3ControlArnTestUtils.RunMockRequest(getBucketRequest, GetBucketRequestMarshaller.Instance, s3ControlConfig);
Assert.AreEqual(new Uri("https://s3-outposts.us-west-2.amazonaws.com"), marshalledRequest.Endpoint);
Assert.AreEqual("op-01234567890123456", marshalledRequest.Headers[HeaderKeys.XAmzOutpostId]);
Assert.AreEqual("123456789012", marshalledRequest.Headers[HeaderKeys.XAmzAccountId]);
}
public void ListRegionalBucketsTest()
{
var s3ControlConfig = new AmazonS3ControlConfig
{
RegionEndpoint = RegionEndpoint.USWest2
};
var listRegionalBucketsRequest = new ListRegionalBucketsRequest
{
OutpostId = "op-01234567890123456",
AccountId = "123456789012"
};
var marshalledRequest = S3ControlArnTestUtils.RunMockRequest(listRegionalBucketsRequest, ListRegionalBucketsRequestMarshaller.Instance, s3ControlConfig);
Assert.AreEqual(new Uri("https://s3-outposts.us-west-2.amazonaws.com"), marshalledRequest.Endpoint);
Assert.AreEqual("op-01234567890123456", marshalledRequest.Headers["x-amz-outpost-id"]);
Assert.AreEqual("123456789012", marshalledRequest.Headers["x-amz-account-id"]);
}
public void ListAccessPointsTest()
{
var bucketArn = "arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:bucket:mybucket";
var s3ControlConfig = new AmazonS3ControlConfig
{
RegionEndpoint = RegionEndpoint.USWest2
};
var listAccessPointsRequest = new ListAccessPointsRequest
{
Bucket = bucketArn
};
var marshalledRequest = S3ControlArnTestUtils.RunMockRequest(listAccessPointsRequest, ListAccessPointsRequestMarshaller.Instance, s3ControlConfig);
Assert.AreEqual(new Uri("https://s3-outposts.us-west-2.amazonaws.com"), marshalledRequest.Endpoint);
Assert.AreEqual("op-01234567890123456", marshalledRequest.Headers["x-amz-outpost-id"]);
Assert.AreEqual("123456789012", marshalledRequest.Headers["x-amz-account-id"]);
}
public void ArnIdNotSetFieldIdSet()
{
var accessPoint = "myAccessPoint";
var s3ControlConfig = new AmazonS3ControlConfig
{
UseArnRegion = true,
RegionEndpoint = RegionEndpoint.USWest2
};
var getAccessPointRequest = new GetAccessPointRequest
{
Name = accessPoint,
AccountId = "123456789012"
};
var marshalledRequest = S3ControlArnTestUtils.RunMockRequest(getAccessPointRequest, GetAccessPointRequestMarshaller.Instance, s3ControlConfig);
Assert.AreEqual("123456789012", marshalledRequest.Headers["x-amz-account-id"]);
}
public void OutpostsBucketInputUSGovEast1UseArnRegionTrueSystemFips()
{
var outpostsBucketArn = "arn:aws-us-gov:s3-outposts:us-gov-east-1:123456789012:outpost:op-01234567890123456:bucket:mybucket";
var s3ControlConfig = new AmazonS3ControlConfig
{
RegionEndpoint = RegionEndpoint.GetBySystemName("fips-us-gov-east-1"),
UseArnRegion = true
};
var getBucketRequest = new GetBucketRequest
{
Bucket = outpostsBucketArn
};
var marshalledRequest = S3ControlArnTestUtils.RunMockRequest(getBucketRequest, GetBucketRequestMarshaller.Instance, s3ControlConfig);
Assert.AreEqual(new Uri("https://s3-outposts.us-gov-east-1.amazonaws.com"), marshalledRequest.Endpoint);
Assert.AreEqual("op-01234567890123456", marshalledRequest.Headers[HeaderKeys.XAmzOutpostId]);
Assert.AreEqual("123456789012", marshalledRequest.Headers[HeaderKeys.XAmzAccountId]);
}
public void CreateBucketTest()
{
var bucketName = "testBucket";
var s3ControlConfig = new AmazonS3ControlConfig
{
UseArnRegion = false,
RegionEndpoint = RegionEndpoint.USWest2
};
var createBucketRequest = new CreateBucketRequest
{
Bucket = bucketName,
OutpostId = "op-01234567890123456"
};
var marshalledRequest = S3ControlArnTestUtils.RunMockRequest(createBucketRequest, CreateBucketRequestMarshaller.Instance, s3ControlConfig);
Assert.AreEqual(new Uri("https://s3-outposts.us-west-2.amazonaws.com"), marshalledRequest.Endpoint);
Assert.AreEqual("op-01234567890123456", marshalledRequest.Headers["x-amz-outpost-id"]);
}
public void ArnIdNotSetFieldIdNotSetException()
{
var outpostAccessPointName = "myAccessPoint";
var s3ControlConfig = new AmazonS3ControlConfig
{
UseArnRegion = true,
RegionEndpoint = RegionEndpoint.USWest2
};
var getBucketRequest = new GetBucketRequest
{
Bucket = outpostAccessPointName,
};
var exception = Assert.ThrowsException <AmazonS3ControlException>(() => {
S3ControlArnTestUtils.RunMockRequest(getBucketRequest, GetBucketRequestMarshaller.Instance, s3ControlConfig);
});
Assert.AreEqual("AccountId can only contain alphanumeric characters and dashes and must be between 1 and 63 characters long.", exception.Message);
}
public void OutpostsBucketInputUSWest2UseArnRegionTrueInvalidArnException(string outpostsBucketArn)
{
var s3ControlConfig = new AmazonS3ControlConfig
{
RegionEndpoint = RegionEndpoint.USWest2,
UseArnRegion = true
};
var getBucketRequest = new GetBucketRequest
{
Bucket = outpostsBucketArn
};
var exception = Assert.ThrowsException <AmazonClientException>(() =>
{
S3ControlArnTestUtils.RunMockRequest(getBucketRequest, GetBucketRequestMarshaller.Instance, s3ControlConfig);
});
Assert.AreEqual("Invalid ARN, outpost resource format is incorrect", exception.Message);
}
public void OutpostsAccessPointInputUSEast1UseArnRegionTrue()
{
var outpostsAccessPointArn = "arn:aws:s3-outposts:us-east-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint";
var s3ControlConfig = new AmazonS3ControlConfig
{
RegionEndpoint = RegionEndpoint.USWest2,
UseArnRegion = true
};
var getAccessPointRequest = new GetAccessPointRequest
{
Name = outpostsAccessPointArn
};
var marshalledRequest = S3ControlArnTestUtils.RunMockRequest(getAccessPointRequest, GetAccessPointRequestMarshaller.Instance, s3ControlConfig);
Assert.AreEqual(new Uri("https://s3-outposts.us-east-1.amazonaws.com"), marshalledRequest.Endpoint);
Assert.AreEqual("op-01234567890123456", marshalledRequest.Headers[HeaderKeys.XAmzOutpostId]);
Assert.AreEqual("123456789012", marshalledRequest.Headers[HeaderKeys.XAmzAccountId]);
}
public void OutpostsBucketInputUSGovEast1UseArnRegionTrueFipsException()
{
var outpostsBucketArn = "arn:aws-us-gov:s3-outposts:fips-us-gov-east-1:123456789012:outpost:op-01234567890123456:bucket:mybucket";
var s3ControlConfig = new AmazonS3ControlConfig
{
RegionEndpoint = RegionEndpoint.GetBySystemName("fips-us-gov-east-1"),
UseArnRegion = true
};
var getBucketRequest = new GetBucketRequest
{
Bucket = outpostsBucketArn
};
var exception = Assert.ThrowsException <AmazonClientException>(() =>
{
S3ControlArnTestUtils.RunMockRequest(getBucketRequest, GetBucketRequestMarshaller.Instance, s3ControlConfig);
});
Assert.AreEqual("Invalid configuration Outpost Buckets do not support Fips- regions", exception.Message);
}
public void OutpostsAccessPointInputCNNorth1UseArnRegionTrueCrossPartitionError()
{
var outpostsAccessPointArn = "arn:aws-cn:s3-outposts:cn-north-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint";
var s3ControlConfig = new AmazonS3ControlConfig
{
RegionEndpoint = RegionEndpoint.USWest2,
UseArnRegion = true
};
var getAccessPointRequest = new GetAccessPointRequest
{
Name = outpostsAccessPointArn
};
var exception = Assert.ThrowsException <AmazonClientException>(() =>
{
S3ControlArnTestUtils.RunMockRequest(getAccessPointRequest, GetAccessPointRequestMarshaller.Instance, s3ControlConfig);
});
Assert.AreEqual("Invalid configuration, cross partition Outpost Access Point ARN", exception.Message);
}
public void ArnIdNotSetFieldIdNotSetInvalidArnException()
{
var accessPointName = "arn:aws:s3-outposts:us-west-2::outpost:op-01234567890123456:bucket:mybucket";
var s3ControlConfig = new AmazonS3ControlConfig
{
UseArnRegion = true,
RegionEndpoint = RegionEndpoint.USWest2
};
var getAccessPointRequest = new GetAccessPointRequest
{
Name = accessPointName
};
var exception = Assert.ThrowsException <AmazonClientException>(() =>
{
S3ControlArnTestUtils.RunMockRequest(getAccessPointRequest, GetAccessPointRequestMarshaller.Instance, s3ControlConfig);
});
Assert.AreEqual("Invalid ARN, Account ID not set", exception.Message);
}
public void OutpostsBucketInputUSEast1UseArnRegionFalseCrossRegionError()
{
var outpostsBucketArn = "arn:aws:s3-outposts:us-east-1:123456789012:outpost:op-01234567890123456:bucket:mybucket";
var s3ControlConfig = new AmazonS3ControlConfig
{
RegionEndpoint = RegionEndpoint.USWest2,
UseArnRegion = false
};
var getBucketRequest = new GetBucketRequest
{
Bucket = outpostsBucketArn
};
var exception = Assert.ThrowsException <AmazonClientException>(() =>
{
S3ControlArnTestUtils.RunMockRequest(getBucketRequest, GetBucketRequestMarshaller.Instance, s3ControlConfig);
});
Assert.AreEqual("Invalid configuration, cross region Outpost Bucket ARN", exception.Message);
}
public void ArnIdSetFieldIdSetMismatchException()
{
var accessPointName = "arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:bucket:mybucket";
var s3ControlConfig = new AmazonS3ControlConfig
{
UseArnRegion = true,
RegionEndpoint = RegionEndpoint.USWest2
};
var getAccessPointRequest = new GetAccessPointRequest
{
AccountId = "923456789012",
Name = accessPointName
};
var exception = Assert.ThrowsException <AmazonClientException>(() =>
{
S3ControlArnTestUtils.RunMockRequest(getAccessPointRequest, GetAccessPointRequestMarshaller.Instance, s3ControlConfig);
});
Assert.AreEqual("Account ID mismatch, the Account ID cannot be specified in an ARN and in the accountId field", exception.Message);
}
public void OutpostsBucketInputUSWest2UseArnRegionTrueDualstackException()
{
var outpostsBucketArn = "arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:bucket:mybucket";
var s3ControlConfig = new AmazonS3ControlConfig
{
RegionEndpoint = RegionEndpoint.USWest2,
UseDualstackEndpoint = true,
UseArnRegion = true
};
var getBucketRequest = new GetBucketRequest
{
Bucket = outpostsBucketArn
};
var exception = Assert.ThrowsException <AmazonClientException>(() =>
{
S3ControlArnTestUtils.RunMockRequest(getBucketRequest, GetBucketRequestMarshaller.Instance, s3ControlConfig);
});
Assert.AreEqual("Invalid configuration Outpost Buckets do not support dualstack", exception.Message);
}
public void TestS3OutpostsSignerGetBucket()
{
var signer = new S3Signer();
var bucketArn = "arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:bucket:mybucket";
var getBucketRequest = new GetBucketRequest
{
Bucket = bucketArn
};
var config = new AmazonS3ControlConfig
{
UseArnRegion = true,
RegionEndpoint = RegionEndpoint.USWest2
};
var originalAuthService = config.AuthenticationServiceName;
var iRequest = S3ControlArnTestUtils.RunMockRequest(getBucketRequest, GetBucketRequestMarshaller.Instance, config);
signer.Sign(iRequest, config, new RequestMetrics(), new ImmutableCredentials("ACCESS", "SECRET", ""));
Assert.IsTrue(iRequest.Headers.ContainsKey(HeaderKeys.AuthorizationHeader));
Assert.IsTrue((iRequest.Headers["Authorization"]).Contains("s3-outposts"));
Assert.IsTrue(config.AuthenticationServiceName == originalAuthService);
}
public void TestS3OutpostsSignerCreateAccessPointWithArn()
{
var signer = new S3Signer();
var createAccessPointRequest = new CreateAccessPointRequest
{
Bucket = "arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:bucket:mybucket",
Name = "myaccesspoint",
};
var config = new AmazonS3ControlConfig
{
UseArnRegion = true,
RegionEndpoint = RegionEndpoint.USWest2
};
var originalAuthService = config.AuthenticationServiceName;
var iRequest = S3ControlArnTestUtils.RunMockRequest(createAccessPointRequest, CreateAccessPointRequestMarshaller.Instance, config);
signer.Sign(iRequest, config, new RequestMetrics(), "ACCESS", "SECRET");
Assert.IsTrue(iRequest.Headers.ContainsKey(HeaderKeys.AuthorizationHeader));
Assert.IsTrue((iRequest.Headers["Authorization"]).Contains("s3-outposts"));
Assert.IsTrue(config.AuthenticationServiceName == originalAuthService);
}
private void RunTestRequest(AmazonWebServiceRequest request, IMarshaller <IRequest, AmazonWebServiceRequest> marshaller,
bool isArn, string serviceUrl, Flags flags,
string expectedUri, string expectedRegion, string expectedService)
{
var clientConfig = CreateConfig(serviceUrl, flags);
var internalRequest = S3ControlArnTestUtils.RunMockRequest(request, marshaller, clientConfig);
Assert.AreEqual(new Uri(expectedUri), internalRequest.Endpoint);
if (isArn)
{
Assert.AreEqual(expectedRegion, internalRequest.AuthenticationRegion);
Assert.AreEqual(expectedService, internalRequest.OverrideSigningServiceName);
}
var service = DetermineService(clientConfig);
var signingRegion = AWS4Signer.DetermineSigningRegion(clientConfig, service, internalRequest.AlternateEndpoint, internalRequest);
Assert.AreEqual(expectedRegion, signingRegion);
Assert.AreEqual(expectedService, internalRequest.OverrideSigningServiceName ?? service);
}
public void TestS3OutpostsSignerCreateBucket()
{
var signer = new S3Signer();
var createBucketRequest = new CreateBucketRequest
{
Bucket = "test",
OutpostId = "op-123456789012"
};
var config = new AmazonS3ControlConfig
{
SignatureVersion = "4",
UseArnRegion = true,
RegionEndpoint = RegionEndpoint.USWest2
};
var originalAuthService = config.AuthenticationServiceName;
var iRequest = S3ControlArnTestUtils.RunMockRequest(createBucketRequest, CreateBucketRequestMarshaller.Instance, config);
signer.Sign(iRequest, config, new RequestMetrics(), new ImmutableCredentials("ACCESS", "SECRET", ""));
Assert.IsTrue(iRequest.Headers.ContainsKey(HeaderKeys.AuthorizationHeader));
Assert.IsTrue((iRequest.Headers["Authorization"]).Contains("s3-outposts"));
Assert.IsTrue(config.AuthenticationServiceName == originalAuthService);
}
public void S3OutpostBucketARNTests(string bucketNameOrARNInput, string clientRegion, string additionalFlags, string useArnRegion, string expectedEndpoint, string expectedHeaders, string expectedSignedBy)
{
Console.WriteLine(string.Join(" | ", bucketNameOrARNInput, clientRegion, additionalFlags, useArnRegion, expectedEndpoint, expectedHeaders, expectedSignedBy));
Console.WriteLine();
// ARRANGE
// expectedEndpoint can be overloaded with the expected error message
var expectSuccess = expectedEndpoint.Contains("amazonaws.com");
// outputs to assert against:
IRequest s3Request = null;
Exception exception = null;
var request = new GetBucketRequest
{
Bucket = bucketNameOrARNInput,
AccountId = "123456789012"
};
var config = new AmazonS3ControlConfig
{
RegionEndpoint = clientRegion == "" ? null : RegionEndpoint.GetBySystemName(clientRegion),
UseArnRegion = useArnRegion == "" ? false : bool.Parse(useArnRegion)
};
if (additionalFlags.Contains("dualstack"))
{
config.UseDualstackEndpoint = true;
}
if (additionalFlags.Contains("fips"))
{
config.UseFIPSEndpoint = true;
}
if (additionalFlags.Contains("accelerate") && !expectSuccess)
{
// S3 Control Config does not allow setting accelerate, so it will not generate the expected error
return;
}
// ACT
try
{
s3Request = S3ControlArnTestUtils.RunMockRequest(request, GetBucketRequestMarshaller.Instance, config);
Console.WriteLine(s3Request.Endpoint.ToString());
Console.WriteLine();
}
catch (Exception e)
{
exception = e;
}
// ASSERT
if (expectSuccess)
{
Assert.IsNull(exception, exception?.Message + "\r\n" + exception?.StackTrace);
Assert.IsNotNull(s3Request);
AssertExtensions.UrlSuffixMatches(expectedEndpoint, s3Request.Endpoint);
AssertExtensions.ContainsHeaders(SpecMarkdownTestDataHelper.ParseExpectedHeaders(expectedHeaders), s3Request.Headers);
}
else
{
Assert.IsNull(s3Request);
Assert.IsNotNull(exception);
// reminder, expectedEndpoint also contains expected error message.
AssertExtensions.AssertAreSameWithEmbellishments(expectedEndpoint, exception.Message);
}
}
