s3

package
v0.3.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 6, 2026 License: MIT Imports: 8 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	S3ACLPrivate           = "private"
	S3ACLPublicRead        = "public-read"
	S3ACLPublicReadWrite   = "public-read-write"
	S3ACLAuthenticatedRead = "authenticated-read"
	S3ACLAWSExecRead       = "aws-exec-read"
)

AWS S3 canned ACL values accepted by the `x-amz-acl` header.

Variables

This section is empty.

Functions

func NormalizeS3ACL added in v0.3.1 

func NormalizeS3ACL(level string) string

NormalizeS3ACL maps user-friendly aliases to canned S3 ACL values.

func S3CannedACLFromGrants added in v0.3.1 

func S3CannedACLFromGrants(out api.GetBucketAclOutput) string

S3CannedACLFromGrants collapses a parsed Grant list into the canned-ACL label that best represents it. The mapping mirrors how the AWS console summarises ACL state: any AllUsers group grant means public.

Types

type Driver added in v0.0.9 

type Driver struct {
	Client        *api.Client
	DefaultRegion string
}

func (*Driver) AuditBucketACL added in v0.3.1 

func (d *Driver) AuditBucketACL(ctx context.Context, bucket string) ([]schema.BucketACLEntry, error)

AuditBucketACL enumerates buckets in scope and returns the canned ACL summary for each. ACL state on AWS S3 is the union of canned ACL grants and a bucket's optional Public Access Block; this view surfaces only the canned-grant signal because that is what the bucket-acl-check `audit` table is shaped around.

func (*Driver) ExposeBucket added in v0.3.1 

func (d *Driver) ExposeBucket(ctx context.Context, bucket, level string) (string, error)

ExposeBucket sets a public canned ACL on bucket. AWS layers Public Access Block on top of ACL grants — newer accounts have BPA enabled by default, which silently overrides any public canned ACL. This helper deletes the bucket-level BPA first (best-effort, errors are non-fatal) so the canned ACL change actually surfaces in the next audit.

func (*Driver) GetBuckets added in v0.0.9 

func (d *Driver) GetBuckets(ctx context.Context) ([]schema.Storage, error)

func (*Driver) ListObjects added in v0.0.9 

func (d *Driver) ListObjects(ctx context.Context, buckets map[string]string) ([]schema.BucketResult, error)

func (*Driver) TotalObjects added in v0.1.0 

func (d *Driver) TotalObjects(ctx context.Context, buckets map[string]string) ([]schema.BucketResult, error)

func (*Driver) UnexposeBucket added in v0.3.1 

func (d *Driver) UnexposeBucket(ctx context.Context, bucket string) error

UnexposeBucket reverts bucket to the `private` canned ACL.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.