List of usage examples for com.amazonaws.services.s3.model CannedAccessControlList BucketOwnerFullControl
CannedAccessControlList BucketOwnerFullControl
To view the source code for com.amazonaws.services.s3.model CannedAccessControlList BucketOwnerFullControl.
Click Source Link
From source file:com.eucalyptus.loadbalancing.workflow.LoadBalancingActivitiesImpl.java
License:Open Source License
@Override public AccessLogPolicyActivityResult modifyLoadBalancerAttributesCreateAccessLogPolicy( final String accountNumber, final String lbName, final Boolean accessLogEnabled, final String s3BucketName, final String s3BucketPrefix, final Integer emitInterval) throws LoadBalancingActivityException { final String ACCESSLOG_ROLE_POLICY_DOCUMENT = "{\"Statement\":" + "[ {" + "\"Action\": [\"s3:PutObject\"]," + "\"Effect\": \"Allow\"," + "\"Resource\": [\"arn:aws:s3:::BUCKETNAME_PLACEHOLDER/BUCKETPREFIX_PLACEHOLDER\"]" + "}]}"; AccessLogPolicyActivityResult result = new AccessLogPolicyActivityResult(); result.setShouldRollback(false);/*from ww w . ja v a2s .c om*/ if (!accessLogEnabled) return result; final String bucketName = s3BucketName; final String bucketPrefix = com.google.common.base.Objects.firstNonNull(s3BucketPrefix, ""); final String roleName = getRoleName(accountNumber, lbName); final String policyName = ACCESSLOG_ROLE_POLICY_NAME; try { final List<String> policies = EucalyptusActivityTasks.getInstance().listRolePolicies(roleName); if (policies.contains(policyName)) { EucalyptusActivityTasks.getInstance().deleteRolePolicy(roleName, policyName); } } catch (final Exception ex) { ; } String policyDocument = ACCESSLOG_ROLE_POLICY_DOCUMENT.replace("BUCKETNAME_PLACEHOLDER", bucketName); if (bucketPrefix.length() > 0) { policyDocument = policyDocument.replace("BUCKETPREFIX_PLACEHOLDER", bucketPrefix + "/*"); } else { policyDocument = policyDocument.replace("BUCKETPREFIX_PLACEHOLDER", "*"); } try { EucalyptusActivityTasks.getInstance().putRolePolicy(roleName, policyName, policyDocument); result.setRoleName(roleName); result.setPolicyName(policyName); result.setShouldRollback(true); } catch (final Exception ex) { throw new LoadBalancingActivityException( "failed to put role policy for loadbalancer vm's access to S3 buckets"); } try { final EucaS3Client s3c = getS3Client(roleName); final String key = s3BucketPrefix != null && !s3BucketPrefix.isEmpty() ? String.format("%s/AWSLogs/%s/ELBAccessLogTestFile", s3BucketPrefix, accountNumber) : String.format("AWSLogs/%s/ELBAccessLogTestFile", accountNumber); final DateFormat df = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.SSS"); final String content = String.format("Enable AccessLog for ELB: %s at %s", lbName, df.format(new Date())); final PutObjectRequest req = new PutObjectRequest(bucketName, key, new ByteArrayInputStream(content.getBytes(StandardCharsets.UTF_8)), new ObjectMetadata()) .withCannedAcl(CannedAccessControlList.BucketOwnerFullControl); s3c.putObject(req); } catch (final Exception ex) { LOG.warn("Failed to put test key to the access log bucket"); } return result; }
From source file:com.eucalyptus.portal.BucketUploadableActivities.java
License:Open Source License
protected boolean upload(final String accountId, final String keyName, InputStream contents) throws S3UploadException { Optional<String> bucketName; try {/*from ww w .j a va 2 s. c o m*/ bucketName = this.billingInfos.lookupByAccount(accountId, AccountFullName.getInstance(accountId), (info) -> info.getBillingReportsBucket() != null ? Optional.of(info.getBillingReportsBucket()) : Optional.empty()); } catch (final Exception ex) { throw new S3UploadException("Failed to lookup user's bucket setting"); } if (bucketName.isPresent()) { try { final EucaS3Client s3c = getS3Client(); // this will throw error if bucket policy does not allow billing writing into the bucket if (s3c != null) { final PutObjectRequest req = new PutObjectRequest(bucketName.get(), keyName, contents, new ObjectMetadata()).withCannedAcl(CannedAccessControlList.BucketOwnerFullControl); s3c.putObject(req); return true; } } catch (final AmazonServiceException ex) { throw new S3UploadException("Failed to upload due to S3 service error: " + ex.getErrorCode()); } catch (final SdkClientException ex) { throw new S3UploadException("Failed to upload due to S3 client error", ex); } catch (final Exception ex) { throw new S3UploadException("Failed to upload report to bucket", ex); } } return false; }
From source file:com.eucalyptus.portal.PortalService.java
License:Open Source License
public ModifyBillingResponseType modifyBilling(final ModifyBillingType request) throws PortalServiceException { final Context context = checkAuthorized(); final ModifyBillingResponseType response = request.getReply(); Function<BillingInfo, BillingInfo> updater = info -> { info.setBillingReportsBucket(request.getReportBucket()); info.setDetailedBillingEnabled(MoreObjects.firstNonNull(request.getDetailedBillingEnabled(), false)); if (request.getActiveCostAllocationTags() != null) { info.setActiveCostAllocationTags(request.getActiveCostAllocationTags()); }//from ww w . j a v a2s .c om return info; }; final Predicate<String> testBucket = (bucket) -> { try { final EucaS3Client s3c = BucketUploadableActivities.getS3Client(); PutObjectRequest req = new PutObjectRequest(bucket, "aws-programmatic-access-test-object", new ByteArrayInputStream("test".getBytes(StandardCharsets.UTF_8)), new ObjectMetadata()) .withCannedAcl(CannedAccessControlList.BucketOwnerFullControl); s3c.putObject(req); return true; } catch (final Exception ex) { ; } return false; }; try { if (request.getReportBucket() != null && !testBucket.test(request.getReportBucket())) { throw new PortalInvalidParameterException("Requested bucket is not accessible by billing"); } try { response.getResult().setBillingSettings( billingInfos.updateByAccount(context.getAccountNumber(), context.getAccount(), info -> TypeMappers.transform(updater.apply(info), BillingSettings.class))); } catch (PortalMetadataNotFoundException e) { final BillingInfo billingInfo = updater.apply(billingInfos.defaults()); billingInfo.setOwner(context.getUserFullName()); billingInfo.setDisplayName(context.getAccountNumber()); response.getResult().setBillingSettings(billingInfos.save(billingInfo, TypeMappers.lookupF(BillingInfo.class, BillingSettings.class))); } } catch (Exception e) { throw handleException(e); } return response; }
From source file:com.mindtree.maven.S3Mojo.java
License:Apache License
private void createBucketAndUploadFiles() throws MojoExecutionException { for (int i = 0; i < bucketNames.length; i++) { String path = bucketNames[i]; int index = path.indexOf("/"); logger.debug("Got index of / : " + index); logger.debug("Trying upload for files with path : " + path); // The path to upload can have subdirectories hence only the first // directory (root) is required String rootBucket = path; if (index == 0) { logger.debug("Unique name bucket creation is required"); rootBucket = UNIQUE;// www . j a va 2 s . com } else if (index != -1) { logger.debug("Given name bucket creation is required"); rootBucket = rootBucket.substring(0, index); } Bucket bucket = createS3Bucket(rootBucket); if (bucket != null) { List<File> fileList = mapFiles.get(path); logger.debug("Got fileList as null :: " + (fileList == null)); if (fileList != null) { logger.debug("Size of fileList :" + fileList.size()); } CannedAccessControlList cacl = CannedAccessControlList.Private; if (accessControls[i].equalsIgnoreCase(CannedAccessControlList.AuthenticatedRead.toString())) { cacl = CannedAccessControlList.AuthenticatedRead; } else if (accessControls[i] .equalsIgnoreCase(CannedAccessControlList.BucketOwnerFullControl.toString())) { cacl = CannedAccessControlList.BucketOwnerFullControl; } else if (accessControls[i].equalsIgnoreCase(CannedAccessControlList.BucketOwnerRead.toString())) { cacl = CannedAccessControlList.BucketOwnerRead; } else if (accessControls[i] .equalsIgnoreCase(CannedAccessControlList.LogDeliveryWrite.toString())) { cacl = CannedAccessControlList.LogDeliveryWrite; } else if (accessControls[i].equalsIgnoreCase(CannedAccessControlList.Private.toString())) { cacl = CannedAccessControlList.Private; } else if (accessControls[i].equalsIgnoreCase(CannedAccessControlList.PublicRead.toString())) { cacl = CannedAccessControlList.PublicRead; } else if (accessControls[i].equalsIgnoreCase(CannedAccessControlList.PublicReadWrite.toString())) { cacl = CannedAccessControlList.PublicReadWrite; } String bucketName = bucket.getName() + bucketNames[i].substring(bucketNames[i].indexOf("/")); logger.debug("File to upload to :" + bucketName); if (fileList != null && fileList.size() > 0) { if (!retainFolderStructure) { logger.debug("Not retaining folder structure and uploadinf files"); System.out.println(cacl.toString()); List<PutObjectResult> fileUploadResults = S3Helper.uploadFiles(fileList, bucketName, s3, cacl); } else { logger.debug("Uploading with retained dir structure"); List<PutObjectResult> fileUploadResults = S3Helper.uploadFiles(fileList, bucketName, s3, cacl, root); } } } } }
From source file:com.tango.BucketSyncer.KeyJobs.S32S3KeyCopyJob.java
License:Apache License
boolean keyCopied(ObjectMetadata sourceMetadata, AccessControlList objectAcl) { boolean copied = false; String key = summary.getKey(); MirrorOptions options = context.getOptions(); boolean verbose = options.isVerbose(); int maxRetries = options.getMaxRetries(); MirrorStats stats = context.getStats(); for (int tries = 0; tries < maxRetries; tries++) { if (verbose) { log.info("copying (try # {}): {} to: {}", new Object[] { tries, key, keydest }); }/* ww w. j a va 2s . c o m*/ final CopyObjectRequest request = new CopyObjectRequest(options.getSourceBucket(), key, options.getDestinationBucket(), keydest); request.setNewObjectMetadata(sourceMetadata); if (options.isCrossAccountCopy()) { request.setCannedAccessControlList(CannedAccessControlList.BucketOwnerFullControl); } else { request.setAccessControlList(objectAcl); } try { stats.copyCount.incrementAndGet(); client.copyObject(request); stats.bytesCopied.addAndGet(sourceMetadata.getContentLength()); if (verbose) { log.info("successfully copied (on try #{}): {} to: {}", new Object[] { tries, key, keydest }); } copied = true; break; } catch (AmazonS3Exception s3e) { //if return with 404 error, problem with bucket name if (s3e.getStatusCode() == HttpStatus.SC_NOT_FOUND) { log.error("Failed to access S3 bucket. Check bucket name: ", s3e); System.exit(1); } log.error("s3 exception copying (try #{}) {} to: {}: {}", new Object[] { tries, key, keydest, s3e }); } catch (Exception e) { log.error("unexpected exception copying (try #{}) {} to: {}: {}", new Object[] { tries, key, keydest, e }); } try { Thread.sleep(10); } catch (InterruptedException e) { log.error("interrupted while waiting to retry key: {}: {}", key, e); return copied; } } return copied; }
From source file:com.tango.BucketSyncer.KeyJobs.S32S3MultipartKeyCopyJob.java
License:Apache License
@Override boolean keyCopied(ObjectMetadata sourceMetadata, AccessControlList objectAcl) { long objectSize = summary.getSize(); MirrorOptions options = context.getOptions(); String sourceBucketName = options.getSourceBucket(); int maxPartRetries = options.getMaxRetries(); String targetBucketName = options.getDestinationBucket(); List<CopyPartResult> copyResponses = new ArrayList<CopyPartResult>(); if (options.isVerbose()) { log.info("Initiating multipart upload request for {}", summary.getKey()); }//from w w w . ja v a2s. c om InitiateMultipartUploadRequest initiateRequest = new InitiateMultipartUploadRequest(targetBucketName, keydest).withObjectMetadata(sourceMetadata); if (options.isCrossAccountCopy()) { initiateRequest.withCannedACL(CannedAccessControlList.BucketOwnerFullControl); } else { initiateRequest.withAccessControlList(objectAcl); } InitiateMultipartUploadResult initResult = client.initiateMultipartUpload(initiateRequest); long partSize = options.getUploadPartSize(); long bytePosition = 0; for (int i = 1; bytePosition < objectSize; i++) { long lastByte = bytePosition + partSize - 1 >= objectSize ? objectSize - 1 : bytePosition + partSize - 1; String infoMessage = String.format("Copying: %s to %s", bytePosition, lastByte); if (options.isVerbose()) { log.info(infoMessage); } CopyPartRequest copyRequest = new CopyPartRequest().withDestinationBucketName(targetBucketName) .withDestinationKey(keydest).withSourceBucketName(sourceBucketName) .withSourceKey(summary.getKey()).withUploadId(initResult.getUploadId()) .withFirstByte(bytePosition).withLastByte(lastByte).withPartNumber(i); for (int tries = 1; tries <= maxPartRetries; tries++) { try { if (options.isVerbose()) { log.info("try : {}", tries); } context.getStats().copyCount.incrementAndGet(); CopyPartResult copyPartResult = client.copyPart(copyRequest); copyResponses.add(copyPartResult); if (options.isVerbose()) { log.info("completed {} ", infoMessage); } break; } catch (Exception e) { if (tries == maxPartRetries) { client.abortMultipartUpload(new AbortMultipartUploadRequest(targetBucketName, keydest, initResult.getUploadId())); log.error("Exception while doing multipart copy: {}", e); return false; } } } bytePosition += partSize; } CompleteMultipartUploadRequest completeRequest = new CompleteMultipartUploadRequest(targetBucketName, keydest, initResult.getUploadId(), getETags(copyResponses)); client.completeMultipartUpload(completeRequest); if (options.isVerbose()) { log.info("completed multipart request for : {}", summary.getKey()); } context.getStats().bytesCopied.addAndGet(objectSize); return true; }
From source file:fi.yle.tools.aws.maven.SimpleStorageServiceWagon.java
License:Apache License
@Override protected void putResource(File source, String destination, TransferProgress transferProgress) throws TransferFailedException, ResourceDoesNotExistException { String key = getKey(destination); mkdirs(key, 0);//from w w w.j av a2 s .c o m InputStream in = null; try { ObjectMetadata objectMetadata = new ObjectMetadata(); objectMetadata.setContentLength(source.length()); objectMetadata.setContentType(Mimetypes.getInstance().getMimetype(source)); in = new TransferProgressFileInputStream(source, transferProgress); this.amazonS3.putObject(new PutObjectRequest(this.bucketName, key, in, objectMetadata) .withCannedAcl(CannedAccessControlList.BucketOwnerFullControl)); } catch (AmazonServiceException e) { throw new TransferFailedException(String.format("Cannot write file to '%s'", destination), e); } catch (FileNotFoundException e) { throw new ResourceDoesNotExistException(String.format("Cannot read file from '%s'", source), e); } finally { IoUtils.closeQuietly(in); } }
From source file:fi.yle.tools.aws.maven.SimpleStorageServiceWagon.java
License:Apache License
private PutObjectRequest createDirectoryPutObjectRequest(String key) { ByteArrayInputStream inputStream = new ByteArrayInputStream(new byte[0]); ObjectMetadata objectMetadata = new ObjectMetadata(); objectMetadata.setContentLength(0);/*w w w. j a va2 s .c o m*/ return new PutObjectRequest(this.bucketName, key, inputStream, objectMetadata) .withCannedAcl(CannedAccessControlList.BucketOwnerFullControl); }
From source file:org.alanwilliamson.amazon.AmazonKey.java
License:Open Source License
/** * private | public-read | public-read-write | authenticated-read | bucket-owner-read | bucket-owner-full-control | log-delivery-write * * @param acl/*from www . j av a2 s . c o m*/ * @return */ public CannedAccessControlList getAmazonCannedAcl(String acl) { if (acl.equalsIgnoreCase("private")) return CannedAccessControlList.Private; else if (acl.equalsIgnoreCase("public-read") || acl.equalsIgnoreCase("publicread")) return CannedAccessControlList.PublicRead; else if (acl.equalsIgnoreCase("public-read-write") || acl.equalsIgnoreCase("publicreadwrite")) return CannedAccessControlList.PublicReadWrite; else if (acl.equalsIgnoreCase("authenticated-read") || acl.equalsIgnoreCase("authenticatedread")) return CannedAccessControlList.AuthenticatedRead; else if (acl.equalsIgnoreCase("bucket-owner-read") || acl.equalsIgnoreCase("bucketownerread")) return CannedAccessControlList.BucketOwnerRead; else if (acl.equalsIgnoreCase("bucket-owner-full-control") || acl.equalsIgnoreCase("bucketownerfullcontrol")) return CannedAccessControlList.BucketOwnerFullControl; else if (acl.equalsIgnoreCase("log-delivery-write") || acl.equalsIgnoreCase("logdeliverywrite")) return CannedAccessControlList.LogDeliveryWrite; else return CannedAccessControlList.Private; }
From source file:org.geowebcache.s3.S3BlobStoreInfo.java
License:Open Source License
/** * Checks access type/*from w w w .ja v a 2 s. c o m*/ * * @return public or private access */ public CannedAccessControlList getAccessControlList() { CannedAccessControlList accessControlList; if (access == Access.PRIVATE) { accessControlList = CannedAccessControlList.BucketOwnerFullControl; } else { accessControlList = CannedAccessControlList.PublicRead; } return accessControlList; }