Documentation
¶
Overview ¶
Package s3 implements the Destination interface for S3 and S3-compatible stores (AWS, MinIO, Wasabi, Backblaze B2, IDrive). It is create-only: there is no delete or overwrite path. Credentials come from the AWS SDK default chain, static keys (S3-compatible) are supplied via AWS_* env, never hand-resolved here.
Index ¶
- type Backend
- func (b *Backend) Get(ctx context.Context, key string) (io.ReadCloser, error)
- func (b *Backend) List(ctx context.Context, prefix string) ([]dest.Object, error)
- func (b *Backend) PutImmutable(ctx context.Context, key string, r io.Reader, size int64, ret dest.Retention) (dest.PutResult, error)
- func (b *Backend) VerifyWorm(ctx context.Context) (dest.WormStatus, error)
- type Options
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Backend ¶
type Backend struct {
// contains filtered or unexported fields
}
Backend is a create-only S3 Destination.
func (*Backend) PutImmutable ¶
func (b *Backend) PutImmutable(ctx context.Context, key string, r io.Reader, size int64, ret dest.Retention) (dest.PutResult, error)
PutImmutable creates key, create-only, never overwriting or deleting. Object Lock retention is applied only when ret carries a retain-until (i.e. the bucket is immutable); on the non-WORM adoption path we write plainly, because sending lock headers to a bucket without Object Lock is a 400. An explicit CRC32 checksum is always sent: AWS and some S3-compatible stores (Backblaze B2) require Content-MD5 or an x-amz-checksum header on Object Lock PutObject requests.
func (*Backend) VerifyWorm ¶
VerifyWorm probes bucket Object Lock. A missing lock config is reported as not-locked (so the operator can override); other failures are returned as errors.
type Options ¶
type Options struct {
Bucket string
Region string // defaults to us-east-1 (also fine for MinIO)
Endpoint string // empty = AWS; set for MinIO/Wasabi/B2/IDrive
UsePathStyle bool // true for MinIO and most S3-compatible stores
}
Options configures the S3 backend. Credentials are intentionally absent: they are resolved by the SDK default chain (env, IRSA/Pod Identity, instance profile, SSO).