/// <summary>
/// Sends a GetACL request built from the cmdlet's bucket, key and version fields
/// using the client returned by the base class.
/// </summary>
protected override void ProcessRecord()
{
    AmazonS3 s3 = base.GetClient();

    var aclRequest = new Amazon.S3.Model.GetACLRequest();
    aclRequest.BucketName = this._BucketName;
    aclRequest.Key = this._Key;
    aclRequest.VersionId = this._VersionId;

    // NOTE(review): the response is assigned but never written out or inspected here,
    // so the retrieved grants are not surfaced to the caller by this block.
    Amazon.S3.Model.GetACLResponse aclResponse = s3.GetACL(aclRequest);
}
/// <summary>
/// Builds a GetACL request from the supplied cmdlet context, issues the call and wraps
/// either the selected response or the caught exception in a <c>CmdletOutput</c>.
/// </summary>
/// <param name="context">Executor context; it is cast to <c>CmdletContext</c> without a null check.</param>
/// <returns>A <c>CmdletOutput</c> carrying the pipeline output and service response, or the error.</returns>
public object Execute(ExecutorContext context)
{
    var cmdletContext = context as CmdletContext;

    // Copy across only the parameters that were actually supplied.
    var request = new Amazon.S3.Model.GetACLRequest();
    if (cmdletContext.BucketName != null)
    {
        request.BucketName = cmdletContext.BucketName;
    }
    if (cmdletContext.ExpectedBucketOwner != null)
    {
        // NOTE(review): ExpectedBucketOwner is optional here; when it is omitted the
        // request carries no owner constraint for the named bucket.
        request.ExpectedBucketOwner = cmdletContext.ExpectedBucketOwner;
    }
    if (cmdletContext.Key != null)
    {
        request.Key = cmdletContext.Key;
    }
    if (cmdletContext.VersionId != null)
    {
        request.VersionId = cmdletContext.VersionId;
    }

    // Reuse an existing client when there is one, otherwise create one from the current
    // credentials and region. Client creation happens outside the try block.
    var client = Client ?? CreateClient(_CurrentCredentials, _RegionEndpoint);
    try
    {
        var serviceResponse = CallAWSServiceOperation(client, request);
        object selected = cmdletContext.Select(serviceResponse, this);
        return new CmdletOutput
        {
            PipelineOutput = selected,
            ServiceResponse = serviceResponse
        };
    }
    catch (Exception failure)
    {
        // Every exception from the call or the selector is returned, not thrown.
        return new CmdletOutput { ErrorResponse = failure };
    }
}
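/// <summary>
/// Creates a blob, updates its content type and security to public through the provider,
/// then verifies both changes directly against S3 (object metadata and object ACL).
/// </summary>
/// <remarks>
/// Returns a Task instead of <c>async void</c> so the test runner can await the body and
/// observe assertion failures.
/// </remarks>
public async System.Threading.Tasks.Task Test_Blob_Properties_Updated_Async()
{
    var container = GetRandomContainerName();
    var blobName = GenerateRandomName();
    var contentType = "image/jpg";
    var newContentType = "image/png";
    var data = GenerateRandomBlobStream();

    await CreateNewObjectAsync(container, blobName, data, false, contentType);

    await _provider.UpdateBlobPropertiesAsync(container, blobName, new BlobProperties
    {
        ContentType = newContentType,
        Security = BlobSecurity.Public
    });

    var objectKey = container + "/" + blobName;

    var objectMetaRequest = new GetObjectMetadataRequest()
    {
        BucketName = Bucket,
        Key = objectKey
    };
    var props = await _client.GetObjectMetadataAsync(objectMetaRequest);

    // Expected value first, so a failure message reports the two values the right way round.
    Assert.Equal(newContentType, props.Headers.ContentType);

    var objectAclRequest = new GetACLRequest()
    {
        BucketName = Bucket,
        Key = objectKey
    };
    var acl = await _client.GetACLAsync(objectAclRequest);

    // NOTE(review): this only checks that some grant names the AllUsers group; it does not
    // assert which permission was granted, so a broader grant than READ would also pass.
    var isPublic = acl.AccessControlList.Grants
        .Any(x => x.Grantee.URI == "http://acs.amazonaws.com/groups/global/AllUsers");

    Assert.True(isPublic);
}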
/// <summary>
/// Returns the access control list (ACL) of an object by blocking on the asynchronous
/// GetACL call.
/// </summary>
/// <param name="request">Container for the parameters of the GetACL service method.</param>
/// <returns>The response from the GetACL service method, as returned by AmazonS3.</returns>
public GetACLResponse GetACL(GetACLRequest request)
{
    var pending = GetACLAsync(request);
    try
    {
        // Blocks the calling thread until the task completes.
        return pending.Result;
    }
    catch (AggregateException wrapped)
    {
        // Surface the inner exception to the caller with its original stack trace
        // rather than the AggregateException that Task.Result produces.
        ExceptionDispatchInfo.Capture(wrapped.InnerException).Throw();

        // Not reached: Throw() always throws. Present only to satisfy the compiler.
        return null;
    }
}
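/// <summary>
/// Lists every blob stored under a container and returns one descriptor per object,
/// including content type, metadata and whether the object ACL grants access to the
/// AllUsers group.
/// </summary>
/// <param name="containerName">Container whose objects are stored as "containerName/blobName".</param>
/// <returns>Descriptors for all objects under the container, across all result pages.</returns>
/// <remarks>
/// Any <c>AmazonS3Exception</c> is converted with <c>ToStorageException()</c> and rethrown.
/// Each object costs two extra requests (metadata and ACL), issued sequentially.
/// </remarks>
public async Task<IList<BlobDescriptor>> ListBlobsAsync(string containerName)
{
    var descriptors = new List<BlobDescriptor>();

    // Keys have the form "<container>/<blob>". Listing with the bare container name would
    // also match sibling containers that merely start with the same characters (for
    // example "reports" matching "reports-private/..."), returning their objects under the
    // wrong container with a mangled name. The trailing slash confines the listing to this
    // container and guarantees every key is long enough for the prefix to be stripped.
    var containerPrefix = containerName + "/";

    var objectsRequest = new ListObjectsRequest
    {
        BucketName = _bucket,
        Prefix = containerPrefix,
        MaxKeys = 100000
    };

    try
    {
        do
        {
            var objectsResponse = await _s3Client.ListObjectsAsync(objectsRequest);

            foreach (S3Object entry in objectsResponse.S3Objects)
            {
                var objectMetaRequest = new GetObjectMetadataRequest()
                {
                    BucketName = _bucket,
                    Key = entry.Key
                };
                var objectMetaResponse = await _s3Client.GetObjectMetadataAsync(objectMetaRequest);

                var objectAclRequest = new GetACLRequest()
                {
                    BucketName = _bucket,
                    Key = entry.Key
                };
                var objectAclResponse = await _s3Client.GetACLAsync(objectAclRequest);

                // An object is reported as public when any grant names the AllUsers group,
                // whatever permission that grant carries.
                // NOTE(review): grants to other groups are reported as Private here; confirm
                // that matches what callers expect BlobSecurity.Private to mean.
                var isPublic = objectAclResponse.AccessControlList.Grants.Any(x => x.Grantee.URI == "http://acs.amazonaws.com/groups/global/AllUsers");

                descriptors.Add(new BlobDescriptor
                {
                    Name = entry.Key.Remove(0, containerPrefix.Length),
                    Container = containerName,
                    Length = entry.Size,
                    ETag = entry.ETag,
                    ContentMD5 = entry.ETag,
                    ContentType = objectMetaResponse.Headers.ContentType,
                    LastModified = entry.LastModified,
                    Security = isPublic ? BlobSecurity.Public : BlobSecurity.Private,
                    ContentDisposition = objectMetaResponse.Headers.ContentDisposition,
                    Metadata = objectMetaResponse.Metadata.ToMetadata(),
                });
            }

            // If the response is truncated, set the marker to fetch the next page of keys;
            // otherwise clear the request to end the loop.
            if (objectsResponse.IsTruncated)
            {
                objectsRequest.Marker = objectsResponse.NextMarker;
            }
            else
            {
                objectsRequest = null;
            }
        } while (objectsRequest != null);

        return descriptors;
    }
    catch (AmazonS3Exception asex)
    {
        throw asex.ToStorageException();
    }
}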
/// <summary>
/// Scans one AWS profile and returns three tables keyed "EC2", "Users" and "S3":
/// IAM user details (credential report plus access keys, attached policies and groups),
/// S3 bucket details (location, owner, ACL grants, website hosting) and EC2 instance
/// details for each requested region.
/// </summary>
/// <param name="Request">Scan request; its Profile, Regions and ResultQueue members are read.</param>
/// <returns>
/// The populated tables on success. If an exception escapes the IAM or EC2 sections, a
/// message box is shown, the profile's menu item is disabled and three tables freshly
/// obtained from the Get*DetailsTable helpers are returned instead.
/// </returns>
/// <remarks>
/// NOTE(review): this method mixes AWS calls with direct UI access (ProcessingLabel,
/// TagFilterCombo, MainMenu, message boxes), so it presumably has to run on the UI thread.
/// </remarks>
public Dictionary<string, DataTable> ScanProfile(ScanRequest Request)
{
    Dictionary<string, DataTable> ScanResults = new Dictionary<string, DataTable>();
    DataTable UserDetailsTable = GetUsersDetailsTable();
    DataTable EC2DetailsTable = GetEC2DetailsTable();
    DataTable S3DetailsTable = GetS3DetailsTable();
    string accountid = "";
    Amazon.Runtime.AWSCredentials credential;
    var aprofile = Request.Profile;
    var regions2process = Request.Regions;
    // NOTE(review): SubmitResults is assigned but not used anywhere in this method.
    var SubmitResults = Request.ResultQueue;
    try
    {
        // Presumably loads the credentials stored under the named profile - TODO confirm.
        credential = new Amazon.Runtime.StoredProfileAWSCredentials(aprofile);
        // Try to get the account ID.
        #region UserDetails
        var iam = new AmazonIdentityManagementServiceClient(credential);
        var myUserList = iam.ListUsers().Users;
        try
        {
            accountid = myUserList[0].Arn.Split(':')[4];// Take the fifth colon-separated field of the first user's ARN as the account ID.
            accountid = "ID: " + accountid;// Prefix added so Excel does not treat the value as a number.
        }
        catch
        {
            // No users, or an ARN with fewer fields than expected: fall back to "?".
            accountid = "?";
        }
        try // Send command to AWS to generate a Credential Report
        {
            // The result is not inspected; only the side effect of requesting the report matters.
            var createcredreport = iam.GenerateCredentialReport();
        }
        catch (Exception)
        {
            // Rethrown unchanged, so it is handled by the outer catch at the end of the method.
            throw;
        }
        bool needreport = true;
        Amazon.IdentityManagement.Model.GetCredentialReportResponse credreport = new GetCredentialReportResponse();
        DateTime getreportstart = DateTime.Now;
        DateTime getreportfinish = DateTime.Now;
        // Poll until GetCredentialReport returns without throwing.
        // NOTE(review): a failing call is retried immediately with no delay and no retry
        // limit, and the exception is discarded; a persistent failure (for example a
        // permissions error) would presumably spin here indefinitely.
        while (needreport)
        {
            try
            {
                credreport = iam.GetCredentialReport();
                needreport = false;
                getreportfinish = DateTime.Now;
                var dif = getreportstart - getreportfinish; // Elapsed-time check only; the value is not used.
                // Extract data from the CSV stream into the DataTable.
                var streambert = credreport.Content;
                streambert.Position = 0;
                StreamReader sr = new StreamReader(streambert);
                string myStringRow = sr.ReadLine();
                if (myStringRow != null) myStringRow = sr.ReadLine();// Skip the header line.
                while (myStringRow != null)
                {
                    // Plain split on commas: quoted fields containing commas are not handled.
                    var arow = myStringRow.Split(",".ToCharArray()[0]);
                    var newrow = new object[UserDetailsTable.Columns.Count];
                    newrow[0] = accountid;
                    newrow[1] = aprofile;
                    newrow[2] = ""; // UserID is not in the report; it is filled in further down.
                    // Report columns 0..21 map to table columns 3..24. A row with fewer than
                    // 22 fields throws here and ends the parse via the catch below.
                    newrow[3] = arow[0];
                    newrow[4] = arow[1];
                    newrow[5] = arow[2];
                    newrow[6] = arow[3];
                    newrow[7] = arow[4];
                    newrow[8] = arow[5];
                    newrow[9] = arow[6];
                    newrow[10] = arow[7];
                    newrow[11] = arow[8];
                    newrow[12] = arow[9];
                    newrow[13] = arow[10];
                    newrow[14] = arow[11];
                    newrow[15] = arow[12];
                    newrow[16] = arow[13];
                    newrow[17] = arow[14];
                    newrow[18] = arow[15];
                    newrow[19] = arow[16];
                    newrow[20] = arow[17];
                    newrow[21] = arow[18];
                    newrow[22] = arow[19];
                    newrow[23] = arow[20];
                    newrow[24] = arow[21];
                    RawUsers.Rows.Add(newrow);
                    UserDetailsTable.Rows.Add(newrow);
                    myStringRow = sr.ReadLine();
                }
                sr.Close();
                sr.Dispose();
            }
            catch (Exception ex)
            {
                // NOTE(review): the exception is discarded. A parse failure after the report
                // was fetched leaves the user table silently incomplete, and the reader is
                // not closed on that path.
                string test = ""; //Deal with this later if necessary.
            }
        }
        foreach (var auser in myUserList)// Fill in the user ID plus access keys, policies and groups per user.
        {
            string auserid = auser.UserId;
            string arn = auser.Arn;
            string username = auser.UserName;
            string policylist = "";
            string aklist = "";
            string groups = "";
            ListAccessKeysRequest LAKREQ = new ListAccessKeysRequest();
            LAKREQ.UserName = username;
            ListAccessKeysResult LAKRES = iam.ListAccessKeys(LAKREQ);
            // One "AccessKeyId : Status" line per key.
            foreach (var blivet in LAKRES.AccessKeyMetadata)
            {
                if (aklist.Length > 1) aklist += "\n";
                aklist += blivet.AccessKeyId + " : " + blivet.Status;
            }
            ListAttachedUserPoliciesRequest LAUPREQ = new ListAttachedUserPoliciesRequest();
            LAUPREQ.UserName = username;
            ListAttachedUserPoliciesResult LAUPRES = iam.ListAttachedUserPolicies(LAUPREQ);
            // Only policies returned by ListAttachedUserPolicies are recorded here.
            foreach (var apol in LAUPRES.AttachedPolicies)
            {
                if (policylist.Length > 1) policylist += "\n";
                policylist += apol.PolicyName;
            }
            // Collect the names of the groups the user belongs to.
            var groopsreq = new ListGroupsForUserRequest();
            groopsreq.UserName = username;
            ListGroupsForUserResult LG = iam.ListGroupsForUser(groopsreq);
            foreach (var agroup in LG.Groups)
            {
                if (groups.Length > 1) groups += "\n";
                groups += agroup.GroupName;
            }
            // Match the user to its credential-report row by ARN and fill in the extra columns.
            foreach (DataRow myrow in UserDetailsTable.Rows)
            {
                if (myrow["ARN"].Equals(arn))
                {
                    myrow["UserID"] = auserid;
                    myrow["User-Policies"] = policylist;
                    myrow["Access-Keys"] = aklist;
                    myrow["Groups"] = groups;
                }
            }
        }
        #endregion
        #region S3Details
        // NOTE(review): the try block wraps the whole bucket loop, so an exception on any one
        // bucket ends the S3 scan and the remaining buckets never reach the table.
        try
        {
            AmazonS3Client S3Client = new AmazonS3Client(credential,Amazon.RegionEndpoint.USEast1);
            ListBucketsResponse response = S3Client.ListBuckets();
            foreach (S3Bucket abucket in response.Buckets)
            {
                DataRow abucketrow = GetS3DetailsTable().NewRow();
                var name = abucket.BucketName;
                GetBucketLocationRequest gbr = new GetBucketLocationRequest();
                gbr.BucketName=name;
                GetBucketLocationResponse location = S3Client.GetBucketLocation(gbr);
                var region = location.Location.Value;
                // An empty location value is treated as us-east-1.
                if (region.Equals(""))region="us-east-1";
                var pointy = RegionEndpoint.GetBySystemName(region);
                // Build a config that references the bucket's region.
                AmazonS3Config S3C = new AmazonS3Config();
                S3C.RegionEndpoint=pointy;
                AmazonS3Client BS3Client = new AmazonS3Client(credential, S3C);
                var createddate = abucket.CreationDate;
                string owner = "";
                string grants = "";
                string tags = "";
                string lastaccess = "";
                string defaultpage = "";
                string website = "";
                // Fetch the bucket ACL (no Key is set on the request) and flatten its grants.
                GetACLRequest GACR = new GetACLRequest();
                GACR.BucketName = name;
                var ACL = BS3Client.GetACL(GACR);
                var grantlist = ACL.AccessControlList;
                owner = grantlist.Owner.DisplayName;
                foreach (var agrant in grantlist.Grants)
                {
                    if (grants.Length > 1) grants += "\n";
                    var gName = agrant.Grantee.DisplayName;
                    var gType = agrant.Grantee.Type.Value;
                    var aMail = agrant.Grantee.EmailAddress;
                    // Group grantees are recorded with their URI, which is what identifies
                    // the group; other grantees are recorded by display name.
                    if (gType.Equals("Group"))
                    {
                        grants += gType + " - " + agrant.Grantee.URI + " - " + agrant.Permission + " - " + aMail ;
                    }
                    else
                    {
                        grants += gName + " - "+ agrant.Permission + " - " + aMail;
                    }
                }
                // NOTE(review): this metadata request sets a bucket name but no Key - verify
                // whether the call can succeed; the value it yields is a last-modified
                // timestamp stored under the "LastAccess" column.
                GetObjectMetadataRequest request = new GetObjectMetadataRequest();
                request.BucketName = name;
                GetObjectMetadataResponse MDresponse = BS3Client.GetObjectMetadata(request);
                lastaccess = MDresponse.LastModified.ToString();
                //defaultpage = MDresponse.WebsiteRedirectLocation;
                GetBucketWebsiteRequest GBWReq = new GetBucketWebsiteRequest();
                GBWReq.BucketName = name;
                GetBucketWebsiteResponse GBWRes = BS3Client.GetBucketWebsite(GBWReq);
                defaultpage = GBWRes.WebsiteConfiguration.IndexDocumentSuffix;
                // When an index document is configured, record the bucket's website URL.
                if (defaultpage != null)
                {
                    website = @"http://" + name + @".s3-website-" + region + @".amazonaws.com/" + defaultpage;
                }
                //Amazon.S3.Model.req
                abucketrow["AccountID"] = accountid;
                abucketrow["Profile"] = aprofile;
                abucketrow["Bucket"] = name;
                abucketrow["Region"] = region;
                abucketrow["CreationDate"] = createddate.ToString();
                abucketrow["LastAccess"] = lastaccess;
                abucketrow["Owner"] = owner;
                abucketrow["Grants"] = grants;
                abucketrow["WebsiteHosting"] = website;
                // The remaining columns are written as the literal "X"; nothing in this
                // method queries logging, versioning, lifecycle, replication, tags or
                // requester-pays, so "X" must not be read as a finding.
                abucketrow["Logging"] = "X";
                abucketrow["Events"] = "X";
                abucketrow["Versioning"] = "X";
                abucketrow["LifeCycle"] = "X";
                abucketrow["Replication"] = "X";
                abucketrow["Tags"] = "X";
                abucketrow["RequesterPays"] = "X";
                S3DetailsTable.Rows.Add(abucketrow.ItemArray);
            }
        }
        catch(Exception ex)
        {
            // Shows the full exception text (including stack trace) in a message box.
            System.Windows.Forms.MessageBox.Show("S3 Failed!\n"+ex);
        }
        #endregion
        #region GetEC2Region
        //////////////////////////////////////////////////////////
        // For each requested region
        foreach (var aregion in regions2process)
        {
            // Skip GovCloud and Beijing; the original author notes they need special handling.
            if (aregion == Amazon.RegionEndpoint.USGovCloudWest1) continue;
            if (aregion == Amazon.RegionEndpoint.CNNorth1) continue;
            var region = aregion;
            regioncounter++;
            // Query instance status (including scheduled events) for this profile and region.
            var ec2 = AWSClientFactory.CreateAmazonEC2Client(credential, region);
            var request = new DescribeInstanceStatusRequest();
            request.IncludeAllInstances = true;
            Dispatcher.Invoke(doupdatePbDelegate, System.Windows.Threading.DispatcherPriority.Background, new object[] { System.Windows.Controls.ProgressBar.ValueProperty, regioncounter });
            var instatresponse = ec2.DescribeInstanceStatus(request);
            // Describe exactly the instances that the status call returned.
            var indatarequest = new DescribeInstancesRequest();
            foreach (var instat in instatresponse.InstanceStatuses)
            {
                indatarequest.InstanceIds.Add(instat.InstanceId);
            }
            DescribeInstancesResult DescResult = ec2.DescribeInstances(indatarequest);
            int count = instatresponse.InstanceStatuses.Count();
            foreach (var instat in instatresponse.InstanceStatuses)
            {
                // Collect the per-instance data.
                string instanceid = instat.InstanceId;
                string instancename = "";
                ProcessingLabel.Content = "Scanning -> Profile:" + aprofile + " Region: " + region + " Instance: " + instanceid;
                Dispatcher.Invoke(doupdatePbDelegate, System.Windows.Threading.DispatcherPriority.Background, new object[] { System.Windows.Controls.ProgressBar.ValueProperty, regioncounter });
                var status = instat.Status.Status;
                string AZ = instat.AvailabilityZone;
                var istate = instat.InstanceState.Name;
                string profile = aprofile;
                string myregion = region.ToString();
                int eventnumber = instat.Events.Count();
                string eventlist = "";
                var urtburgle = DescResult.Reservations;
                string tags = ""; // Holds the list of tags to print out.
                // NOTE(review): every lookup below matches on Instances[0] only, so an
                // instance that is not the first in its reservation finds no match and gets
                // the fallback values ("Linux", "?", "", "_NONE!_").
                var loadtags = (from t in DescResult.Reservations where t.Instances[0].InstanceId.Equals(instanceid) select t.Instances[0].Tags).AsEnumerable();
                Dictionary<string, string> taglist = new Dictionary<string, string>();
                foreach (var rekey in loadtags)
                {
                    foreach (var kvp in rekey)
                    {
                        taglist.Add(kvp.Key, kvp.Value);
                    }
                }
                foreach (var atag in taglist)// Set instancename and add each tag key to the filter combo box.
                {
                    if (atag.Key.Equals("Name"))
                    {
                        instancename = atag.Value;
                    }
                    if (!TagFilterCombo.Items.Contains(atag.Key))
                    {
                        TagFilterCombo.Items.Add(atag.Key);
                    }
                    if (tags.Length > 1)
                    {
                        tags += "\n" + atag.Key + ":" + atag.Value;
                    }
                    else
                    {
                        tags += atag.Key + ":" + atag.Value;
                    }
                }
                if (eventnumber > 0)
                {
                    foreach (var anevent in instat.Events)
                    {
                        eventlist += anevent.Description + "\n";
                    }
                }
                // A missing platform value is recorded as "Linux".
                var platform = (from t in urtburgle where t.Instances[0].InstanceId.Equals(instanceid) select t.Instances[0].Platform).FirstOrDefault();
                if (String.IsNullOrEmpty(platform)) platform = "Linux";
                var Priv_IP = (from t in urtburgle where t.Instances[0].InstanceId.Equals(instanceid) select t.Instances[0].PrivateIpAddress).FirstOrDefault();
                if (String.IsNullOrEmpty(Priv_IP)) Priv_IP = "?";
                var publicIP = (from t in urtburgle where t.Instances[0].InstanceId.Equals(instanceid) select t.Instances[0].PublicIpAddress).FirstOrDefault();
                if (String.IsNullOrEmpty(publicIP)) publicIP = "";
                var publicDNS = (from t in urtburgle where t.Instances[0].InstanceId.Equals(instanceid) select t.Instances[0].PublicDnsName).FirstOrDefault();
                if (String.IsNullOrEmpty(publicDNS)) publicDNS = "";
                //Virtualization type (HVM, Paravirtual)
                var ivirtType = (from t in urtburgle where t.Instances[0].InstanceId.Equals(instanceid) select t.Instances[0].VirtualizationType).FirstOrDefault();
                if (String.IsNullOrEmpty(ivirtType)) ivirtType = "?";
                // InstanceType (m3/Large etc)
                var instancetype = (from t in urtburgle where t.Instances[0].InstanceId.Equals(instanceid) select t.Instances[0].InstanceType).FirstOrDefault();
                if (String.IsNullOrEmpty(instancetype)) instancetype = "?";
                var SGs = (from t in urtburgle where t.Instances[0].InstanceId.Equals(instanceid) select t.Instances[0].SecurityGroups);
                string sglist = "";
                if (SGs.Count() > 0)
                {
                    foreach (var ansg in SGs.FirstOrDefault())
                    {
                        if (sglist.Length > 2) { sglist += "\n"; }
                        sglist += ansg.GroupName;
                    }
                }
                else
                {
                    // No matching reservation was found for this instance.
                    sglist = "_NONE!_";
                }
                // Normalise empty values, then add the row to the table.
                if (String.IsNullOrEmpty(sglist)) sglist = "NullOrEmpty";
                if (String.IsNullOrEmpty(instancename)) instancename = "";
                // NOTE(review): rabbit and yup are never read; they look like debugging leftovers.
                string rabbit = accountid + profile + myregion + instancename + instanceid + AZ + status + eventnumber + eventlist + tags + Priv_IP + publicIP + publicDNS + istate + ivirtType + instancetype + sglist;
                if(instancename.Contains("p1-job"))
                {
                    string yup = "y";
                }
                EC2DetailsTable.Rows.Add(accountid, profile, myregion, instancename, instanceid, AZ, platform, status, eventnumber, eventlist, tags, Priv_IP, publicIP, publicDNS, istate, ivirtType, instancetype, sglist);
            }
        }
        #endregion
        ScanResults.Add("EC2", EC2DetailsTable);
        ScanResults.Add("Users", UserDetailsTable);
        ScanResults.Add("S3", S3DetailsTable);
        return ScanResults;
    }
    catch (Exception ex)
    {
        // Reached for any exception that escapes the IAM or EC2 sections, not only for
        // credential problems; the UI nevertheless reports it as a credential failure.
        // Only the first line of the exception text is shown.
        string error = new string(ex.ToString().TakeWhile(c => c != '\n').ToArray());
        System.Windows.MessageBox.Show(error, Request.Profile.ToString() + " credentials failed to work.\n");
        // Flag the profile's menu item so it is no longer selectable and colour it red.
        System.Windows.Controls.MenuItem Proot = (System.Windows.Controls.MenuItem)this.MainMenu.Items[1];
        foreach (System.Windows.Controls.MenuItem amenuitem in Proot.Items)
        {
            if (amenuitem.Header.ToString() == aprofile.ToString())
            {
                amenuitem.IsCheckable = false;
                amenuitem.IsChecked = false;
                amenuitem.Background = Brushes.Red;
                amenuitem.ToolTip = Request.Profile.ToString() + " credentials failed to work.\n";
            }
        }
        // NOTE(review): the tables returned here come from fresh Get*DetailsTable() calls, so
        // rows collected before the failure are not returned - presumably the caller cannot
        // tell an empty account from a failed scan by the tables alone.
        ScanResults.Add("EC2", GetEC2DetailsTable());
        ScanResults.Add("Users", GetUsersDetailsTable());
        ScanResults.Add("S3", GetS3DetailsTable());
        return ScanResults;
    }
}
/// <summary>
/// Marshals a GetACL request, wraps it in an <c>AsyncResult</c> together with the response
/// unmarshaller and the client's signer, and hands it to <c>Invoke</c>.
/// </summary>
/// <param name="getACLRequest">The GetACL request to send.</param>
/// <param name="callback">Callback stored on the async result; may be null.</param>
/// <param name="state">Caller-defined state stored on the async result.</param>
/// <param name="synchronized">Passed through to the <c>AsyncResult</c> constructor unchanged.</param>
/// <returns>The async result that was passed to <c>Invoke</c>.</returns>
IAsyncResult invokeGetACL(GetACLRequest getACLRequest, AsyncCallback callback, object state, bool synchronized)
{
    IRequest marshalled = new GetACLRequestMarshaller().Marshall(getACLRequest);
    var responseUnmarshaller = GetACLResponseUnmarshaller.GetInstance();

    AsyncResult pending = new AsyncResult(marshalled, callback, state, synchronized, signer, responseUnmarshaller);
    Invoke(pending);

    return pending;
}
/// <summary>
/// Executes the GetACL operation through the generic <c>Invoke</c> pipeline.
/// </summary>
/// <param name="request">The GetACL request to send.</param>
/// <returns>The unmarshalled GetACL response.</returns>
internal GetACLResponse GetACL(GetACLRequest request)
{
    var requestMarshaller = new GetACLRequestMarshaller();
    var responseUnmarshaller = GetACLResponseUnmarshaller.Instance;

    return Invoke<GetACLRequest,GetACLResponse>(request, requestMarshaller, responseUnmarshaller);
}
/// <summary>
/// Initiates the asynchronous execution of the GetACL operation.
/// </summary>
/// <param name="request">Container for the parameters of the GetACL operation on AmazonS3Client.</param>
/// <param name="callback">Delegate invoked with the request, response and any exception when the operation completes; may be null.</param>
/// <param name="options">Async options for the call; a new <c>AsyncOptions</c> is used when null. Its <c>State</c> is forwarded to the callback result.</param>
public void GetACLAsync(GetACLRequest request, AmazonServiceCallback<GetACLRequest, GetACLResponse> callback, AsyncOptions options = null)
{
    options = options ?? new AsyncOptions();

    var requestMarshaller = new GetACLRequestMarshaller();
    var responseUnmarshaller = GetACLResponseUnmarshaller.Instance;

    // Adapt the strongly typed caller callback to the untyped shape BeginInvoke expects.
    // It stays null when the caller supplied no callback.
    Action<AmazonWebServiceRequest, AmazonWebServiceResponse, Exception, AsyncOptions> untypedCallback = null;
    if (callback != null)
    {
        untypedCallback = (AmazonWebServiceRequest req, AmazonWebServiceResponse res, Exception ex, AsyncOptions ao) =>
        {
            var typedResult = new AmazonServiceResult<GetACLRequest,GetACLResponse>((GetACLRequest)req, (GetACLResponse)res, ex, ao.State);
            callback(typedResult);
        };
    }

    BeginInvoke<GetACLRequest>(request, requestMarshaller, responseUnmarshaller, options, untypedCallback);
}
/// <summary>
/// Returns the access control list (ACL) of an object.
/// </summary>
/// <param name="getACLRequest">Container for the parameters of the GetACL service method on AmazonS3.</param>
/// <returns>The response from the GetACL service method, as returned by AmazonS3.</returns>
public GetACLResponse GetACL(GetACLRequest getACLRequest)
{
    // Start the call with no callback or state and the synchronized flag set, then
    // complete it through EndGetACL.
    IAsyncResult pending = invokeGetACL(getACLRequest, null, null, true);
    GetACLResponse aclResponse = EndGetACL(pending);
    return aclResponse;
}
/// <summary>
/// Initiates the asynchronous execution of the GetACL operation.
/// </summary>
/// <param name="request">Container for the parameters of the GetACL operation on AmazonS3Client.</param>
/// <param name="callback">An AsyncCallback delegate that is invoked when the operation completes.</param>
/// <param name="state">A user-defined state object that is passed to the callback procedure and can be
/// retrieved inside it through the AsyncState property.</param>
/// <returns>An IAsyncResult that can be used to poll or wait for results, or both; it is also needed
/// when invoking the EndGetACL operation.</returns>
public IAsyncResult BeginGetACL(GetACLRequest request, AsyncCallback callback, object state)
{
    var requestMarshaller = new GetACLRequestMarshaller();
    var responseUnmarshaller = GetACLResponseUnmarshaller.Instance;

    IAsyncResult pending = BeginInvoke<GetACLRequest>(request, requestMarshaller, responseUnmarshaller, callback, state);
    return pending;
}
/// <summary>
/// Gets the access control policy for the bucket.
/// </summary>
/// <param name="bucketName">Bucket name placed on the GetACLRequest; no key is set, so the request targets the bucket itself.</param>
/// <param name="cancellationToken">
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
/// </param>
/// <returns>The response from the GetACL service method, as returned by S3.</returns>
public Task<GetACLResponse> GetACLAsync(string bucketName, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
    var bucketAclRequest = new GetACLRequest
    {
        BucketName = bucketName
    };

    return GetACLAsync(bucketAclRequest, cancellationToken);
}
/// <summary>
/// Adds a READ grant for the global AllUsers group to every non-delete-marker version
/// listed under <paramref name="key"/> whose ACL currently has fewer than two grants.
/// </summary>
/// <param name="key">Object key; also used as the listing prefix.</param>
/// <remarks>
/// NOTE(review): a READ grant to AllUsers makes the object version readable without
/// authentication. The "fewer than two grants" test only counts grants; it does not look
/// at who the existing grantees are. All exceptions are swallowed, and the first failure
/// on any version stops processing of the remaining versions, so the caller cannot tell
/// whether every version, some versions or none were changed.
/// </remarks>
private void SetAcltoObject(string key)
{
    try
    {
        // The key is used as a prefix, so versions of other keys sharing this prefix are
        // listed too; the ACL calls below always address `key` itself.
        var listing = _amazons3.ListVersions(new ListVersionsRequest
        {
            BucketName = Utilities.MyConfig.BucketKey,
            Prefix = key
        });

        foreach (S3ObjectVersion version in listing.Versions)
        {
            if (version.IsDeleteMarker)
            {
                continue;
            }

            try
            {
                // Read the current ACL of this version.
                GetACLResponse current = _amazons3.GetACL(new GetACLRequest
                {
                    BucketName = Utilities.MyConfig.BucketKey,
                    Key = key,
                    VersionId = version.VersionId
                });

                if (current.AccessControlList.Grants.Count >= 2)
                {
                    // Left untouched (and the response is not disposed on this path).
                    continue;
                }

                S3AccessControlList acl = current.AccessControlList;
                current.Dispose();

                // Existing grants are kept; the AllUsers READ grant is appended to them.
                var everyone = new S3Grantee();
                everyone.WithURI("http://acs.amazonaws.com/groups/global/AllUsers");
                acl.AddGrant(everyone, S3Permission.READ);

                SetACLResponse applied = _amazons3.SetACL(new SetACLRequest
                {
                    BucketName = Utilities.MyConfig.BucketKey,
                    ACL = acl,
                    Key = key,
                    VersionId = version.VersionId
                });
                applied.Dispose();
            }
            catch (Exception)
            {
                // Todo
                return;
            }
        }
    }
    catch (Exception)
    {
        return;
    }
}
// Requests the ACL of the test object and checks that the permission on the first grant
// in the response is FULL_CONTROL.
public void Test_J_GetObjectACL_And_Check_For_Permission_Returned()
{
    string expectedValue = S3Permission.FULL_CONTROL.ToString();
    string actualValue = string.Empty;
    bool hasCallbackArrived = false;

    // Declared before assignment so the handler can unsubscribe itself.
    S3ResponseEventHandler<object, ResponseEventArgs> handler = null;
    handler = (sender, args) =>
    {
        IS3Response result = args.Response;

        // One-shot handler: detach from the event on the first response.
        _client.OnS3Response -= handler;

        // Only the first grant is inspected; a non-ACL response leaves actualValue empty.
        GetACLResponse aclResponse = result as GetACLResponse;
        if (aclResponse != null)
        {
            actualValue = aclResponse.AccessControlList.Grants[0].Permission.ToString();
        }

        hasCallbackArrived = true;
    };

    // Subscribe before issuing the request.
    _client.OnS3Response += handler;

    GetACLRequest request = new GetACLRequest();
    request.BucketName = _bucketName;
    request.Key = _key;
    _client.GetACL(request);

    // Wait for the callback, then compare and finish the test.
    EnqueueConditional(() => hasCallbackArrived);
    EnqueueCallback(() => Assert.IsTrue(expectedValue == actualValue));
    EnqueueTestComplete();
}
// Requests the ACL of a key that is expected not to exist and checks that the response
// delivered through the event is an AmazonS3Exception with error code "NoSuchKey".
public void Test_GetObjectACL_With_NonExisting_Key_And_Check_Error_Message()
{
    string nonExistingKey = "poiuytrewdq";
    string expectedValue = "NoSuchKey";
    string actualValue = string.Empty;
    bool hasCallbackArrived = false;

    // Declared before assignment so the handler can unsubscribe itself.
    S3ResponseEventHandler<object, ResponseEventArgs> handler = null;
    handler = (sender, args) =>
    {
        IS3Response result = args.Response;

        // One-shot handler: detach from the event on the first response.
        _client.OnS3Response -= handler;

        // Any other response type leaves actualValue empty and fails the comparison.
        AmazonS3Exception failure = result as AmazonS3Exception;
        if (failure != null)
        {
            actualValue = failure.ErrorCode;
        }

        hasCallbackArrived = true;
    };

    // Subscribe before issuing the request.
    _client.OnS3Response += handler;

    GetACLRequest request = new GetACLRequest();
    request.BucketName = _bucketName;
    request.Key = nonExistingKey;
    _client.GetACL(request);

    // Wait for the callback, then compare and finish the test.
    EnqueueConditional(() => hasCallbackArrived);
    EnqueueCallback(() => Assert.IsTrue(expectedValue == actualValue));
    EnqueueTestComplete();
}
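/// <summary>
/// Sets the server side encryption method for the S3 Object's Version to the value
/// specified, by copying the object onto itself and then restoring its original ACL.
/// </summary>
/// <param name="bucketName">The name of the bucket in which the key is stored</param>
/// <param name="key">The key of the S3 Object</param>
/// <param name="version">The version of the S3 Object, or null for the current version</param>
/// <param name="method">The server side encryption method</param>
/// <param name="s3Client">The Amazon S3 Client to use for S3 specific operations.</param>
/// <exception cref="ArgumentNullException">
/// <paramref name="s3Client"/> is null, or the listing for the key did not return exactly one object.
/// </exception>
/// <remarks>
/// The operation is three separate requests (read ACL, copy, write ACL) and is not atomic.
/// NOTE(review): between the copy and the final SetACL the object carries whatever ACL the
/// copy gave it, and if SetACL fails the original grants are not restored.
/// </remarks>
/// <seealso cref="T:Amazon.S3.Model.ServerSideEncryptionMethod"/>
public static void SetServerSideEncryption(string bucketName, string key, string version, ServerSideEncryptionMethod method, AmazonS3 s3Client)
{
    if (null == s3Client)
    {
        throw new ArgumentNullException("s3Client", "Please specify an S3 Client to make service requests.");
    }

    // Capture the existing ACL first: it has to be re-applied after the copy.
    GetACLRequest getACLRequest = new GetACLRequest();
    getACLRequest.BucketName = bucketName;
    getACLRequest.Key = key;
    if (version != null)
        getACLRequest.VersionId = version;

    GetACLResponse getACLResponse = s3Client.GetACL(getACLRequest);

    // Look the object up to learn its current storage class.
    // NOTE(review): the key is used as a prefix with MaxKeys = 1, so the single result is
    // the first key with that prefix, which is presumably but not provably `key` itself.
    ListObjectsResponse listObjectResponse = s3Client.ListObjects(new ListObjectsRequest()
        .WithBucketName(bucketName)
        .WithPrefix(key)
        .WithMaxKeys(1));

    if (listObjectResponse.S3Objects.Count != 1)
    {
        // The single-string constructor treats its argument as the parameter name, which
        // produced a misleading message; pass the parameter name and the message separately.
        throw new ArgumentNullException("key", "No object exists with this bucket name and key.");
    }

    // Copy the object onto itself, keeping its storage class and applying the
    // requested encryption method.
    CopyObjectRequest copyRequest = new CopyObjectRequest();
    copyRequest.SourceBucket = copyRequest.DestinationBucket = bucketName;
    copyRequest.SourceKey = copyRequest.DestinationKey = key;
    copyRequest.StorageClass = listObjectResponse.S3Objects[0].StorageClass == "STANDARD" ?
        S3StorageClass.Standard :
        S3StorageClass.ReducedRedundancy;

    if (version != null)
        copyRequest.SourceVersionId = version;

    copyRequest.ServerSideEncryptionMethod = method;

    // The copyRequest's Metadata directive is COPY by default
    CopyObjectResponse copyResponse = s3Client.CopyObject(copyRequest);

    // Set the object's original ACL back onto it because a COPY
    // operation resets the ACL on the destination object.
    SetACLRequest setACLRequest = new SetACLRequest();
    setACLRequest.BucketName = bucketName;
    setACLRequest.Key = key;

    // When a source version was given, target the version the copy reported creating.
    if (version != null)
        setACLRequest.VersionId = copyResponse.VersionId;

    setACLRequest.ACL = getACLResponse.AccessControlList;
    s3Client.SetACL(setACLRequest);
}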
/// <summary>
/// Builds a table of the S3 buckets that live in one region for one AWS profile. Each row
/// combines bucket location, owner and ACL grants, website hosting and the size figures
/// looked up from the table returned by <c>S3SizeCloudWatch</c>.
/// </summary>
/// <param name="aprofile">Name of the stored credential profile to use.</param>
/// <param name="Region2Scan">Region display name; matched against <c>RegionEndpoint.DisplayName</c>.
/// When nothing matches, us-east-1 is scanned.</param>
/// <returns>The component table for "S3" with one row per bucket found in the region,
/// including buckets whose detail lookup failed.</returns>
/// <remarks>
/// NOTE(review): the outermost catch discards every exception, so a failure such as
/// invalid credentials yields an empty or partial table with no indication of the error.
/// </remarks>
public DataTable GetS3Buckets(string aprofile,string Region2Scan)
{
    string accountid = GetAccountID(aprofile);
    Amazon.Runtime.AWSCredentials credential;
    DataTable ToReturn = AWSTables.GetComponentTable("S3");
    RegionEndpoint Endpoint2scan = RegionEndpoint.USEast1;
    // Convert Region2Scan (a display name) to an AWS endpoint.
    foreach (var aregion in RegionEndpoint.EnumerableAllRegions)
    {
        if (aregion.DisplayName.Equals(Region2Scan))
        {
            Endpoint2scan = aregion;
            // continue, not break: the remaining regions are still iterated.
            continue;
        }
    }
    // Query CloudWatch for the list of buckets and sizes in this region.
    var Sizetable = S3SizeCloudWatch(aprofile, Region2Scan);
    int sizerows = Sizetable.Rows.Count;
    try
    {
        // Presumably loads the credentials stored under the named profile - TODO confirm.
        credential = new Amazon.Runtime.StoredProfileAWSCredentials(aprofile);
        AmazonS3Client S3Client = new AmazonS3Client(credential, Endpoint2scan);
        ListBucketsResponse response = S3Client.ListBuckets();
        // ListBuckets is not filtered by region here, whereas the CloudWatch size data is
        // per region; buckets outside the scanned region are skipped further down.
        foreach (S3Bucket abucket in response.Buckets)
        {
            DataRow abucketrow = ToReturn.NewRow();
            var name = abucket.BucketName;
            DataRow bucketsizedata = AWSTables.GetS3SizesTable().NewRow();
            Boolean havesize = true;
            try// Look up the record in Sizetable for this bucket.
            {
                // Manual scan equivalent to a LINQ lookup by bucket name.
                Boolean foundinsizetable = false;
                List<string> bn = new List<string>();
                foreach(var rabbit in Sizetable.AsEnumerable())
                {
                    String thisun = rabbit["Bucket"].ToString();
                    bn.Add(thisun);
                    if (thisun.Equals(name))
                    {
                        bucketsizedata = rabbit;
                        foundinsizetable = true;
                    }
                }
                if(!foundinsizetable)
                {
                    // NOTE(review): this branch has no effect; it looks like a debugging aid.
                    bn.Sort();
                    if (bn.Contains(name))
                    {
                        string rabbit = "Yes it does!";
                    }
                    //why not?
                }
                // NOTE(review): bucketsizedata starts as a new row and is only ever replaced
                // by a row from Sizetable, so this null test appears unreachable and havesize
                // stays true even when no size record was found (foundinsizetable is not
                // consulted). In that case the size columns are copied from the empty row.
                if (bucketsizedata == null)
                {
                    abucketrow["EndDate"] = AWSTables.Shrug;
                    havesize = false;
                }
            }
            catch
            {
                // Lookup failures are ignored.
            }
            try
            {
                GetBucketLocationRequest gbr = new GetBucketLocationRequest();
                gbr.BucketName = name;
                GetBucketLocationResponse location = S3Client.GetBucketLocation(gbr);
                var region = location.Location.Value;
                // An empty location value is treated as us-east-1.
                if (region.Equals(""))
                {
                    region = "us-east-1";
                }
                // Skip buckets that are not in the region being scanned (substring match on
                // the region system name). The self-assignments are no-ops.
                if (!region.Contains(Endpoint2scan.SystemName))
                {
                    name = name;//Bucketname
                    region = region;//BucketRegion
                    string target = Endpoint2scan.SystemName;
                    continue;
                }
                var pointy = RegionEndpoint.GetBySystemName(region);
                // Build a config that references the bucket's region.
                AmazonS3Config S3C = new AmazonS3Config();
                S3C.RegionEndpoint = pointy;
                AmazonS3Client BS3Client = new AmazonS3Client(credential, S3C);
                var authregion = "";
                var EP = BS3Client.Config.RegionEndpoint.DisplayName;
                // NOTE(review): the guard tests the endpoint display name but the value taken
                // is AuthenticationRegion - confirm this is intended.
                if (String.IsNullOrEmpty(BS3Client.Config.RegionEndpoint.DisplayName)) authregion = "";
                else
                {
                    authregion = BS3Client.Config.AuthenticationRegion;
                }
                string authservice = "";
                if (string.IsNullOrEmpty(BS3Client.Config.AuthenticationServiceName)) authservice = "";
                else
                {
                    authservice = BS3Client.Config.AuthenticationServiceName;
                }
                var createddate = abucket.CreationDate;
                string owner = "";
                string grants = "";
                string tags = "";
                string lastaccess = "";
                string defaultpage = "";
                string website = "";
                // Fetch the bucket ACL (no Key is set on the request) and flatten its grants.
                GetACLRequest GACR = new GetACLRequest();
                GACR.BucketName = name;
                var ACL = BS3Client.GetACL(GACR);
                var grantlist = ACL.AccessControlList;
                owner = grantlist.Owner.DisplayName;
                foreach (var agrant in grantlist.Grants)
                {
                    if (grants.Length > 1) grants += "\n";
                    var gName = agrant.Grantee.DisplayName;
                    var gType = agrant.Grantee.Type.Value;
                    var aMail = agrant.Grantee.EmailAddress;
                    // Group grantees are recorded with their URI, which is what identifies
                    // the group; other grantees are recorded by display name.
                    if (gType.Equals("Group"))
                    {
                        grants += gType + " - " + agrant.Grantee.URI + " - " + agrant.Permission + " - " + aMail;
                    }
                    else
                    {
                        grants += gName + " - " + agrant.Permission + " - " + aMail;
                    }
                }
                // NOTE(review): an exception from GetBucketWebsite lands in the catch below, so
                // the ACL details gathered above are not written to that bucket's row.
                GetBucketWebsiteRequest GBWReq = new GetBucketWebsiteRequest();
                GBWReq.BucketName = name;
                GetBucketWebsiteResponse GBWRes = BS3Client.GetBucketWebsite(GBWReq);
                defaultpage = GBWRes.WebsiteConfiguration.IndexDocumentSuffix;
                // When an index document is configured, record the bucket's website URL.
                if (defaultpage != null)
                {
                    website = @"http://" + name + @".s3-website-" + region + @".amazonaws.com/" + defaultpage;
                }
                abucketrow["AccountID"] = accountid;
                abucketrow["Profile"] = aprofile;
                abucketrow["Bucket"] = name;
                abucketrow["Region"] = region;
                abucketrow["RegionEndpoint"] = EP;
                abucketrow["AuthRegion"] = authregion;
                abucketrow["AuthService"] = authservice;
                abucketrow["CreationDate"] = createddate.ToString();
                // lastaccess is never assigned in this method, so this column is always empty.
                abucketrow["LastAccess"] = lastaccess;
                abucketrow["Owner"] = owner;
                abucketrow["Grants"] = grants;
                // Size columns default to "NA" / 0 and are overwritten when havesize is set.
                abucketrow["StartDate"] = "NA";
                abucketrow["StartSizeMin"] = "NA";
                abucketrow["StartSizeAVG"] = "NA";
                abucketrow["StartSizeMax"] = "NA";
                abucketrow["EndDate"] = "NA";
                abucketrow["EndSizeMin"] = "NA";
                abucketrow["EndSizeAVG"] = "NA";
                abucketrow["EndSizeMax"] = "NA";
                abucketrow["EndSizeMaxBytes"] = 0;
                if (havesize)
                {
                    abucketrow["StartDate"] = bucketsizedata["StartDate"];
                    abucketrow["StartSizeMin"] = bucketsizedata["StartSizeMin"];
                    abucketrow["StartSizeAVG"] = bucketsizedata["StartSizeAVG"];
                    abucketrow["StartSizeMax"] = bucketsizedata["StartSizeMax"];
                    abucketrow["EndDate"] = bucketsizedata["EndDate"];
                    abucketrow["EndSizeMin"] = bucketsizedata["EndSizeMin"];
                    abucketrow["EndSizeAVG"] = bucketsizedata["EndSizeAVG"];
                    abucketrow["EndSizeMax"] = bucketsizedata["EndSizeMax"];
                    abucketrow["EndSizeMaxBytes"] = bucketsizedata["EndSizeMaxBytes"];
                }
                abucketrow["WebsiteHosting"] = website;
                // The remaining columns are written as the literal "X"; nothing in this
                // method queries logging, versioning, lifecycle, replication, tags or
                // requester-pays, so "X" must not be read as a finding.
                abucketrow["Logging"] = "X";
                abucketrow["Events"] = "X";
                abucketrow["Versioning"] = "X";
                abucketrow["LifeCycle"] = "X";
                abucketrow["Replication"] = "X";
                abucketrow["Tags"] = "X";
                abucketrow["RequesterPays"] = "X";
                ToReturn.Rows.Add(abucketrow.ItemArray);
            }
            catch (Exception ex)
            {
                // A bucket whose detail lookup failed still gets a row; the error text is
                // stored in the "Region" column and the Owner/Grants columns are left unset.
                abucketrow["AccountID"] = accountid;
                abucketrow["Profile"] = aprofile;
                abucketrow["Bucket"] = name;
                // NOTE(review): InnerException is dereferenced without a null check. When it
                // is null this throws inside the handler, escapes to the outer catch, and
                // the remaining buckets are never processed.
                abucketrow["Region"] = ex.InnerException.Message;
                if (havesize)
                {
                    abucketrow["StartDate"] = bucketsizedata["StartDate"];
                    abucketrow["StartSizeMin"] = bucketsizedata["StartSizeMin"];
                    abucketrow["StartSizeAVG"] = bucketsizedata["StartSizeAVG"];
                    abucketrow["StartSizeMax"] = bucketsizedata["StartSizeMax"];
                    abucketrow["EndDate"] = bucketsizedata["EndDate"];
                    abucketrow["EndSizeMin"] = bucketsizedata["EndSizeMin"];
                    abucketrow["EndSizeAVG"] = bucketsizedata["EndSizeAVG"];
                    abucketrow["EndSizeMax"] = bucketsizedata["EndSizeMax"];
                    abucketrow["EndSizeMaxBytes"] = bucketsizedata["EndSizeMaxBytes"];
                }
                else
                {
                    abucketrow["StartDate"] = "NA";
                    abucketrow["StartSizeMin"] = "NA";
                    abucketrow["StartSizeAVG"] = "NA";
                    abucketrow["StartSizeMax"] = "NA";
                    abucketrow["EndDate"] = "NA";
                    abucketrow["EndSizeMin"] = "NA";
                    abucketrow["EndSizeAVG"] = "NA";
                    abucketrow["EndSizeMax"] = "NA";
                    abucketrow["EndSizeMaxBytes"] = 0;
                }
                ToReturn.Rows.Add(abucketrow.ItemArray);
            }
        }
    }
    catch(Exception ex)
    {
        // Every exception is discarded here; whatever rows were added so far are returned.
    }
    // Unused counters; presumably kept for inspection in a debugger.
    int sizesreturned = Sizetable.Rows.Count;
    int rowsreturned = ToReturn.Rows.Count;
    return ToReturn;
}
/// <summary>
/// Gets the access control policy for the bucket.
/// </summary>
/// <param name="bucketName">Name of the bucket; copied into the BucketName property of the GetACLRequest that is sent.</param>
/// <returns>The response from the GetACL service method, as returned by S3.</returns>
/// <remarks>
/// Convenience overload: only the bucket name is set on the request (no key or version id),
/// and the call is forwarded to the overload that takes a GetACLRequest.
/// </remarks>
public GetACLResponse GetACL(string bucketName)
{
    var aclRequest = new GetACLRequest
    {
        BucketName = bucketName
    };

    return GetACL(aclRequest);
}
/// <summary>
/// Sends the GetACL request through the supplied client and returns the service response.
/// </summary>
/// <param name="client">S3 client used for the call; its Config is also used for the verbose endpoint message.</param>
/// <param name="request">The populated GetACL request.</param>
/// <returns>The GetACL response returned by the client.</returns>
/// <exception cref="Exception">
/// Thrown in place of an AmazonServiceException whose inner exception is a WebException; the message
/// comes from FormatNameResolutionFailureMessage and the WebException is kept as the inner exception.
/// </exception>
private Amazon.S3.Model.GetACLResponse CallAWSServiceOperation(IAmazonS3 client, Amazon.S3.Model.GetACLRequest request)
{
    Utils.Common.WriteVerboseEndpointMessage(this, client.Config, "Amazon Simple Storage Service (S3)", "GetACL");
    try
    {
#if DESKTOP
        return client.GetACL(request);
#elif CORECLR
        // The CORECLR edition only has the async API here, so the call blocks until the task completes.
        return client.GetACLAsync(request).GetAwaiter().GetResult();
#else
        #error "Unknown build edition"
#endif
    }
    catch (AmazonServiceException exc)
    {
        var networkFailure = exc.InnerException as System.Net.WebException;
        if (networkFailure == null)
        {
            // Not a transport-level failure: let the service exception propagate untouched.
            throw;
        }

        throw new Exception(Utils.Common.FormatNameResolutionFailureMessage(client.Config, networkFailure.Message), networkFailure);
    }
}
/// <summary>
/// Gets the access control policy for the bucket.
/// </summary>
/// <param name="bucketName">Name of the bucket; copied into the BucketName property of the GetACLRequest that is sent.</param>
/// <param name="callback">An Action delegate that is invoked when the operation completes.</param>
/// <param name="options">
/// A user-defined state object that is passed to the callback procedure. Retrieve this object from within the callback
/// procedure using the AsyncState property.
/// </param>
/// <remarks>
/// This overload returns nothing itself: it builds a request that carries only the bucket name and
/// hands it, with <paramref name="callback"/> and <paramref name="options"/>, to the overload that
/// takes a GetACLRequest.
/// </remarks>
public void GetACLAsync(string bucketName, AmazonServiceCallback<GetACLRequest, GetACLResponse> callback, AsyncOptions options = null)
{
    var aclRequest = new GetACLRequest
    {
        BucketName = bucketName
    };

    GetACLAsync(aclRequest, callback, options);
}
/// <summary>
/// <para>Returns the access control list (ACL) of an object.</para>
/// </summary>
/// <param name="getACLRequest">Container for the necessary parameters to execute the GetACL service method on AmazonS3.</param>
/// <param name="cancellationToken">
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
/// </param>
/// <returns>The response from the GetACL service method, as returned by AmazonS3.</returns>
public async Task<GetACLResponse> GetACLAsync(GetACLRequest getACLRequest, CancellationToken cancellationToken = default(CancellationToken))
{
    var requestMarshaller = new GetACLRequestMarshaller();
    var responseUnmarshaller = GetACLResponseUnmarshaller.GetInstance();

    // The continuation does not need the caller's synchronization context.
    return await Invoke<IRequest, GetACLRequest, GetACLResponse>(
            getACLRequest, requestMarshaller, responseUnmarshaller, signer, cancellationToken)
        .ConfigureAwait(false);
}
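/// <summary>
/// Builds the requests needed to copy an object onto itself, so the calling method only has to
/// change the one attribute it wants to modify.
/// </summary>
/// <param name="bucketName">Bucket that holds the object.</param>
/// <param name="key">Key of the object.</param>
/// <param name="version">Version id of the object, or null when no version id should be sent.</param>
/// <param name="s3Client">Client used for the GetACL, ListObjects and GetObjectMetadata calls.</param>
/// <param name="copyRequest">
/// Receives a copy request whose source and destination are the same bucket and key, pre-filled with
/// the object's storage class, website redirect location and server-side encryption method.
/// </param>
/// <param name="setACLRequest">
/// Receives a request that re-applies the ACL read at the start of this method. No version id is set
/// on it here.
/// </param>
/// <exception cref="ArgumentNullException">
/// Thrown when listing the bucket with <paramref name="key"/> as prefix does not return exactly that key.
/// </exception>
static void SetupForObjectModification(string bucketName, string key, string version, AmazonS3 s3Client, out CopyObjectRequest copyRequest, out SetACLRequest setACLRequest)
{
    // Get the existing ACL of the object
    GetACLRequest getACLRequest = new GetACLRequest();
    getACLRequest.BucketName = bucketName;
    getACLRequest.Key = key;
    if (version != null)
    {
        getACLRequest.VersionId = version;
    }
    GetACLResponse getACLResponse = s3Client.GetACL(getACLRequest);

    // Set the object's original ACL back onto it because a COPY
    // operation resets the ACL on the destination object.
    setACLRequest = new SetACLRequest();
    setACLRequest.BucketName = bucketName;
    setACLRequest.Key = key;
    setACLRequest.ACL = getACLResponse.AccessControlList;

    ListObjectsResponse listObjectResponse = s3Client.ListObjects(new ListObjectsRequest()
        .WithBucketName(bucketName)
        .WithPrefix(key)
        .WithMaxKeys(1));

    // The listing is a prefix match, so the single entry returned can be a different object whose
    // key merely starts with 'key'. Require an exact match before its storage class is trusted.
    if (listObjectResponse.S3Objects.Count != 1
        || !string.Equals(listObjectResponse.S3Objects[0].Key, key, StringComparison.Ordinal))
    {
        // Two-argument form: with a single string the text would be taken as the parameter name.
        throw new ArgumentNullException("key", "No object exists with this bucket name and key.");
    }

    // NOTE(review): no version id is set on this metadata request, so when 'version' is non-null the
    // redirect location and encryption method presumably come from the latest version - confirm.
    GetObjectMetadataRequest getMetaRequest = new GetObjectMetadataRequest()
    {
        BucketName = bucketName,
        Key = key
    };
    GetObjectMetadataResponse getMetaResponse = s3Client.GetObjectMetadata(getMetaRequest);

    // Set the storage class on the object
    copyRequest = new CopyObjectRequest();
    copyRequest.SourceBucket = copyRequest.DestinationBucket = bucketName;
    copyRequest.SourceKey = copyRequest.DestinationKey = key;
    // NOTE(review): every storage class other than "STANDARD" is mapped to ReducedRedundancy here;
    // confirm that is intended for objects stored in any other class.
    copyRequest.StorageClass = listObjectResponse.S3Objects[0].StorageClass == "STANDARD"
        ? S3StorageClass.Standard
        : S3StorageClass.ReducedRedundancy;

    if (version != null)
    {
        copyRequest.SourceVersionId = version;
    }

    // Carry these over explicitly so the copy keeps the redirect and the encryption setting.
    copyRequest.WebsiteRedirectLocation = getMetaResponse.WebsiteRedirectLocation;
    copyRequest.ServerSideEncryptionMethod = getMetaResponse.ServerSideEncryptionMethod;
}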
/// <summary>
/// Puts a new ACL on the given object that grants READ to the MessageGears account and
/// FULL_CONTROL to the object's owner.
/// </summary>
/// <param name="bucketName">Bucket that holds the object.</param>
/// <param name="key">Key of the object whose ACL is set.</param>
/// <remarks>
/// The ACL sent with SetACL is built from scratch and holds only these two grants. Grants present on
/// the object's current ACL are read but not copied, so they are presumably dropped by this call -
/// confirm that is intended before using this on objects shared with other accounts.
/// </remarks>
private void setS3Permission(String bucketName, String key)
{
    // The current ACL is fetched only to learn the owner of the object.
    GetACLResponse currentAcl = s3.GetACL(new GetACLRequest().WithBucketName(bucketName).WithKey(key));
    Owner objectOwner = currentAcl.AccessControlList.Owner;

    // First grant: read-only access for the MessageGears account, identified by its canonical id.
    S3Grantee messageGearsGrantee = new S3Grantee().WithCanonicalUser(properties.MessageGearsAWSCanonicalId, "MessageGears");
    S3AccessControlList replacementAcl = new S3AccessControlList().WithOwner(objectOwner);
    replacementAcl.AddGrant(messageGearsGrantee, S3Permission.READ);

    // Second grant: the owner keeps full control of the object.
    S3Grantee ownerGrantee = new S3Grantee().WithCanonicalUser(objectOwner.Id, "MyAWSId");
    replacementAcl.AddGrant(ownerGrantee, S3Permission.FULL_CONTROL);

    SetACLRequest applyAcl = new SetACLRequest()
        .WithACL(replacementAcl)
        .WithBucketName(bucketName)
        .WithKey(key);
    s3.SetACL(applyAcl);
}
/// <summary>
/// Initiates the asynchronous execution of the GetACL operation.
/// <seealso cref="Amazon.S3.IAmazonS3.GetACL"/>
/// </summary>
/// <param name="getACLRequest">Container for the necessary parameters to execute the GetACL operation on AmazonS3.</param>
/// <param name="callback">An AsyncCallback delegate that is invoked when the operation completes.</param>
/// <param name="state">
/// A user-defined state object that is passed to the callback procedure. Retrieve this object from within the callback
/// procedure using the AsyncState property.
/// </param>
/// <returns>
/// An IAsyncResult that can be used to poll or wait for results, or both; this value is also needed when invoking the
/// EndGetACL operation.
/// </returns>
public IAsyncResult BeginGetACL(GetACLRequest getACLRequest, AsyncCallback callback, object state)
{
    // The trailing 'false' is handed to invokeGetACL as-is; its meaning is defined by that helper
    // (presumably "not a synchronous call" - confirm against invokeGetACL).
    IAsyncResult pendingCall = invokeGetACL(getACLRequest, callback, state, false);
    return pendingCall;
}
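/// <summary>
/// <para>Returns the access control list (ACL) of an object.</para>
/// </summary>
/// <param name="request">Container for the necessary parameters to execute the GetACL service method on AmazonS3.</param>
/// <returns>The response from the GetACL service method, as returned by AmazonS3.</returns>
/// <remarks>
/// Synchronous wrapper: starts GetACLAsync and blocks on its result. A failure of the task is
/// rethrown as the task's inner exception rather than as an AggregateException.
/// </remarks>
public GetACLResponse GetACL(GetACLRequest request)
{
    var task = GetACLAsync(request);
    try
    {
        return task.Result;
    }
    catch (AggregateException e)
    {
        // Task.Result wraps failures in an AggregateException. Rethrow the inner exception so callers
        // still catch the original type, but through ExceptionDispatchInfo so that its original stack
        // trace is kept ('throw e.InnerException;' would overwrite it).
        System.Runtime.ExceptionServices.ExceptionDispatchInfo.Capture(e.InnerException).Throw();
        throw; // not reached: Throw() never returns; present only so every path ends in return or throw
    }
}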
/// <summary>
/// Sets the storage class for the S3 Object's Version to the value
/// specified.
/// </summary>
/// <param name="bucketName">The name of the bucket in which the key is stored</param>
/// <param name="key">The key of the S3 Object whose storage class needs changing</param>
/// <param name="version">The version of the S3 Object whose storage class needs changing</param>
/// <param name="sClass">The new Storage Class for the object</param>
/// <param name="s3Client">The Amazon S3 Client to use for S3 specific operations.</param>
/// <exception cref="ArgumentException">sClass is outside the Standard..ReducedRedundancy range.</exception>
/// <exception cref="ArgumentNullException">s3Client is null.</exception>
/// <remarks>
/// The change is made with three separate service calls: read the ACL, copy the object onto itself
/// with the new storage class, then write the saved ACL back. The calls are not atomic: between the
/// copy and the final SetACL the object carries the ACL that the copy left on it, and it keeps that
/// ACL if SetACL fails.
/// NOTE(review): only the storage class and source version are set on the copy request; whether
/// other object settings (for example server-side encryption) survive the copy is not visible here.
/// </remarks>
/// <seealso cref="T:Amazon.S3.Model.S3StorageClass"/>
public static void SetObjectStorageClass(string bucketName, string key, string version, S3StorageClass sClass, AmazonS3 s3Client)
{
    bool storageClassInRange = sClass >= S3StorageClass.Standard && sClass <= S3StorageClass.ReducedRedundancy;
    if (!storageClassInRange)
    {
        throw new ArgumentException("Invalid value specified for storage class.");
    }

    if (s3Client == null)
    {
        throw new ArgumentNullException("s3Client", "Please specify an S3 Client to make service requests.");
    }

    bool hasVersion = version != null;

    // Step 1: remember the ACL the object has now.
    GetACLRequest readAcl = new GetACLRequest
    {
        BucketName = bucketName,
        Key = key
    };
    if (hasVersion)
    {
        readAcl.VersionId = version;
    }
    GetACLResponse savedAcl = s3Client.GetACL(readAcl);

    // Step 2: copy the object onto itself with the new storage class.
    // The copyRequest's Metadata directive is COPY by default
    CopyObjectRequest selfCopy = new CopyObjectRequest();
    selfCopy.DestinationBucket = bucketName;
    selfCopy.SourceBucket = bucketName;
    selfCopy.DestinationKey = key;
    selfCopy.SourceKey = key;
    if (hasVersion)
    {
        selfCopy.SourceVersionId = version;
    }
    selfCopy.StorageClass = sClass;
    CopyObjectResponse copyResult = s3Client.CopyObject(selfCopy);

    // Step 3: put the saved ACL back, because a COPY operation resets the ACL
    // on the destination object.
    SetACLRequest restoreAcl = new SetACLRequest
    {
        BucketName = bucketName,
        Key = key
    };
    if (hasVersion)
    {
        // The ACL is applied to the version id reported by the copy, not to the source version.
        restoreAcl.VersionId = copyResult.VersionId;
    }
    restoreAcl.ACL = savedAcl.AccessControlList;
    s3Client.SetACL(restoreAcl);
}
/// <summary>
/// Initiates the asynchronous execution of the GetACL operation.
/// <seealso cref="Amazon.S3.IAmazonS3.GetACL"/>
/// </summary>
/// <param name="request">Container for the necessary parameters to execute the GetACL operation.</param>
/// <param name="cancellationToken">
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
/// </param>
/// <returns>The task object representing the asynchronous operation.</returns>
public Task<GetACLResponse> GetACLAsync(GetACLRequest request, CancellationToken cancellationToken = default(CancellationToken))
{
    // The task produced by Invoke is returned directly; nothing is awaited in this method.
    return Invoke<IRequest, GetACLRequest, GetACLResponse>(
        request,
        new GetACLRequestMarshaller(),
        GetACLResponseUnmarshaller.GetInstance(),
        signer,
        cancellationToken);
}
/// <summary>
/// Initiates the asynchronous execution of the GetACL operation.
/// </summary>
/// <param name="request">Container for the necessary parameters to execute the GetACL operation.</param>
/// <param name="cancellationToken">
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
/// </param>
/// <returns>The task object representing the asynchronous operation.</returns>
public Task<GetACLResponse> GetACLAsync(GetACLRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
    // The task produced by InvokeAsync is returned directly; nothing is awaited in this method.
    return InvokeAsync<GetACLRequest, GetACLResponse>(
        request,
        new GetACLRequestMarshaller(),
        GetACLResponseUnmarshaller.Instance,
        cancellationToken);
}
/// <summary>
/// Builds a <see cref="BlobDescriptor"/> for one blob from its S3 object metadata and its object ACL.
/// </summary>
/// <param name="containerName">Container name; combined with <paramref name="blobName"/> by GenerateKeyName to form the S3 key.</param>
/// <param name="blobName">Name of the blob.</param>
/// <returns>A descriptor filled from the metadata response, with Security derived from the ACL grants.</returns>
/// <remarks>
/// Security is reported as Public when the object ACL holds any grant to the AllUsers group,
/// whatever permission that grant carries. Only the object ACL is read here: access given by other
/// means (for example a bucket policy) or to other groups is not reflected, so Private in the
/// descriptor is not proof that the object is unreachable without credentials.
/// An AmazonS3Exception from either call is converted with ToStorageException and rethrown.
/// </remarks>
public async Task<BlobDescriptor> GetBlobDescriptorAsync(string containerName, string blobName)
{
    const string AllUsersGroupUri = "http://acs.amazonaws.com/groups/global/AllUsers";

    var key = GenerateKeyName(containerName, blobName);

    try
    {
        var metadata = await _s3Client.GetObjectMetadataAsync(new GetObjectMetadataRequest()
        {
            BucketName = _bucket,
            Key = key
        });

        var aclResult = await _s3Client.GetACLAsync(new GetACLRequest()
        {
            BucketName = _bucket,
            Key = key
        });

        var grantedToAllUsers = aclResult.AccessControlList.Grants.Any(grant => grant.Grantee.URI == AllUsersGroupUri);
        var security = grantedToAllUsers ? BlobSecurity.Public : BlobSecurity.Private;

        return new BlobDescriptor
        {
            Name = blobName,
            Container = containerName,
            Length = metadata.Headers.ContentLength,
            ETag = metadata.ETag,
            // NOTE(review): the ETag is reused as the MD5 value. An S3 ETag is not always the MD5 of
            // the content (multipart uploads, for instance), so callers should not treat this field
            // as an integrity check without confirming how the object was uploaded.
            ContentMD5 = metadata.ETag,
            ContentType = metadata.Headers.ContentType,
            ContentDisposition = metadata.Headers.ContentDisposition,
            LastModified = metadata.LastModified,
            Security = security,
            Metadata = metadata.Metadata.ToMetadata(),
        };
    }
    catch (AmazonS3Exception asex)
    {
        throw asex.ToStorageException();
    }
}