Examples with CanonicalGrantee com.amazonaws.services.s3.model.CanonicalGrantee used on opensource projects

Example 1 with CanonicalGrantee

use of com.amazonaws.services.s3.model.CanonicalGrantee in project druid by druid-io.

the class S3DataSegmentPusherTest method testPushInternal.

private void testPushInternal(boolean useUniquePath, String matcher) throws Exception {
    ServerSideEncryptingAmazonS3 s3Client = EasyMock.createStrictMock(ServerSideEncryptingAmazonS3.class);
    final AccessControlList acl = new AccessControlList();
    acl.setOwner(new Owner("ownerId", "owner"));
    acl.grantAllPermissions(new Grant(new CanonicalGrantee(acl.getOwner().getId()), Permission.FullControl));
    EasyMock.expect(s3Client.getBucketAcl(EasyMock.eq("bucket"))).andReturn(acl).once();
    EasyMock.expect(s3Client.putObject(EasyMock.anyObject())).andReturn(new PutObjectResult()).once();
    EasyMock.replay(s3Client);
    S3DataSegmentPusherConfig config = new S3DataSegmentPusherConfig();
    config.setBucket("bucket");
    config.setBaseKey("key");
    S3DataSegmentPusher pusher = new S3DataSegmentPusher(s3Client, config);
    // Create a mock segment on disk
    File tmp = tempFolder.newFile("version.bin");
    final byte[] data = new byte[] { 0x0, 0x0, 0x0, 0x1 };
    Files.write(data, tmp);
    final long size = data.length;
    DataSegment segmentToPush = new DataSegment("foo", Intervals.of("2015/2016"), "0", new HashMap<>(), new ArrayList<>(), new ArrayList<>(), NoneShardSpec.instance(), 0, size);
    DataSegment segment = pusher.push(tempFolder.getRoot(), segmentToPush, useUniquePath);
    Assert.assertEquals(segmentToPush.getSize(), segment.getSize());
    Assert.assertEquals(1, (int) segment.getBinaryVersion());
    Assert.assertEquals("bucket", segment.getLoadSpec().get("bucket"));
    Assert.assertTrue(segment.getLoadSpec().get("key").toString(), Pattern.compile(matcher).matcher(segment.getLoadSpec().get("key").toString()).matches());
    Assert.assertEquals("s3_zip", segment.getLoadSpec().get("type"));
    EasyMock.verify(s3Client);
}

Example 2 with CanonicalGrantee

use of com.amazonaws.services.s3.model.CanonicalGrantee in project aws-doc-sdk-examples by awsdocs.

the class ModifyACLExistingObject method main.

public static void main(String[] args) throws IOException {
    Regions clientRegion = Regions.DEFAULT_REGION;
    String bucketName = "*** Bucket name ***";
    String keyName = "*** Key name ***";
    String emailGrantee = "*** user@example.com ***";
    try {
        AmazonS3 s3Client = AmazonS3ClientBuilder.standard().withCredentials(new ProfileCredentialsProvider()).withRegion(clientRegion).build();
        // Get the existing object ACL that we want to modify.
        AccessControlList acl = s3Client.getObjectAcl(bucketName, keyName);
        // Clear the existing list of grants.
        acl.getGrantsAsList().clear();
        // Grant a sample set of permissions, using the existing ACL owner for Full Control permissions.
        acl.grantPermission(new CanonicalGrantee(acl.getOwner().getId()), Permission.FullControl);
        acl.grantPermission(new EmailAddressGrantee(emailGrantee), Permission.WriteAcp);
        // Save the modified ACL back to the object.
        s3Client.setObjectAcl(bucketName, keyName, acl);
    } catch (AmazonServiceException e) {
        // The call was transmitted successfully, but Amazon S3 couldn't process
        // it, so it returned an error response.
        e.printStackTrace();
    } catch (SdkClientException e) {
        // Amazon S3 couldn't be contacted for a response, or the client
        // couldn't parse the response from Amazon S3.
        e.printStackTrace();
    }
}

Example 3 with CanonicalGrantee

use of com.amazonaws.services.s3.model.CanonicalGrantee in project alluxio by Alluxio.

the class S3AUtilsTest method before.

@Before
public void before() throws Exception {
    // Setup owner.
    mUserGrantee = new CanonicalGrantee(ID);
    mUserGrantee.setDisplayName(NAME);
    // Setup the acl.
    mAcl = new AccessControlList();
    mAcl.setOwner(new Owner(ID, NAME));
}

Example 4 with CanonicalGrantee

use of com.amazonaws.services.s3.model.CanonicalGrantee in project druid by druid-io.

the class S3Utils method grantFullControlToBucketOwner.

static AccessControlList grantFullControlToBucketOwner(ServerSideEncryptingAmazonS3 s3Client, String bucket) {
    final AccessControlList acl = s3Client.getBucketAcl(bucket);
    acl.grantAllPermissions(new Grant(new CanonicalGrantee(acl.getOwner().getId()), Permission.FullControl));
    return acl;
}

Example 5 with CanonicalGrantee

use of com.amazonaws.services.s3.model.CanonicalGrantee in project aws-doc-sdk-examples by awsdocs.

the class CreateBucketWithACL method main.

public static void main(String[] args) throws IOException {
    Regions clientRegion = Regions.DEFAULT_REGION;
    String bucketName = "*** Bucket name ***";
    String userEmailForReadPermission = "*** user@example.com ***";
    try {
        AmazonS3 s3Client = AmazonS3ClientBuilder.standard().withRegion(clientRegion).build();
        // Create a bucket with a canned ACL. This ACL will be replaced by the setBucketAcl()
        // calls below. It is included here for demonstration purposes.
        CreateBucketRequest createBucketRequest = new CreateBucketRequest(bucketName, clientRegion.getName()).withCannedAcl(CannedAccessControlList.LogDeliveryWrite);
        s3Client.createBucket(createBucketRequest);
        // Create a collection of grants to add to the bucket.
        ArrayList<Grant> grantCollection = new ArrayList<Grant>();
        // Grant the account owner full control.
        Grant grant1 = new Grant(new CanonicalGrantee(s3Client.getS3AccountOwner().getId()), Permission.FullControl);
        grantCollection.add(grant1);
        // Grant the LogDelivery group permission to write to the bucket.
        Grant grant2 = new Grant(GroupGrantee.LogDelivery, Permission.Write);
        grantCollection.add(grant2);
        // Save grants by replacing all current ACL grants with the two we just created.
        AccessControlList bucketAcl = new AccessControlList();
        bucketAcl.grantAllPermissions(grantCollection.toArray(new Grant[0]));
        s3Client.setBucketAcl(bucketName, bucketAcl);
        // Retrieve the bucket's ACL, add another grant, and then save the new ACL.
        AccessControlList newBucketAcl = s3Client.getBucketAcl(bucketName);
        Grant grant3 = new Grant(new EmailAddressGrantee(userEmailForReadPermission), Permission.Read);
        newBucketAcl.grantAllPermissions(grant3);
        s3Client.setBucketAcl(bucketName, newBucketAcl);
    } catch (AmazonServiceException e) {
        // The call was transmitted successfully, but Amazon S3 couldn't process
        // it and returned an error response.
        e.printStackTrace();
    } catch (SdkClientException e) {
        // Amazon S3 couldn't be contacted for a response, or the client
        // couldn't parse the response from Amazon S3.
        e.printStackTrace();
    }
}