1// Code generated by smithy-go-codegen DO NOT EDIT. 2 3package s3control 4 5import ( 6 "context" 7 "fmt" 8 awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" 9 "github.com/aws/aws-sdk-go-v2/aws/signer/v4" 10 s3controlcust "github.com/aws/aws-sdk-go-v2/service/s3control/internal/customizations" 11 smithy "github.com/aws/smithy-go" 12 "github.com/aws/smithy-go/middleware" 13 smithyhttp "github.com/aws/smithy-go/transport/http" 14 "strings" 15) 16 17// This action gets a bucket policy for an Amazon S3 on Outposts bucket. To get a 18// policy for an S3 bucket, see GetBucketPolicy 19// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketPolicy.html) in 20// the Amazon S3 API Reference. Returns the policy of a specified Outposts bucket. 21// For more information, see Using Amazon S3 on Outposts 22// (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) in the 23// Amazon S3 User Guide. If you are using an identity other than the root user of 24// the AWS account that owns the bucket, the calling identity must have the 25// GetBucketPolicy permissions on the specified bucket and belong to the bucket 26// owner's account in order to use this action. Only users from Outposts bucket 27// owner account with the right permissions can perform actions on an Outposts 28// bucket. If you don't have s3-outposts:GetBucketPolicy permissions or you're not 29// using an identity that belongs to the bucket owner's account, Amazon S3 returns 30// a 403 Access Denied error. As a security precaution, the root user of the AWS 31// account that owns a bucket can always use this action, even if the policy 32// explicitly denies the root user the ability to perform this action. For more 33// information about bucket policies, see Using Bucket Policies and User Policies 34// (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html). All 35// Amazon S3 on Outposts REST API requests for this action require an additional 36// parameter of x-amz-outpost-id to be passed with the request and an S3 on 37// Outposts endpoint hostname prefix instead of s3-control. For an example of the 38// request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint 39// hostname prefix and the x-amz-outpost-id derived using the access point ARN, see 40// the Examples 41// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetBucketPolicy.html#API_control_GetBucketPolicy_Examples) 42// section. The following actions are related to GetBucketPolicy: 43// 44// * GetObject 45// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) 46// 47// * 48// PutBucketPolicy 49// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutBucketPolicy.html) 50// 51// * 52// DeleteBucketPolicy 53// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteBucketPolicy.html) 54func (c *Client) GetBucketPolicy(ctx context.Context, params *GetBucketPolicyInput, optFns ...func(*Options)) (*GetBucketPolicyOutput, error) { 55 if params == nil { 56 params = &GetBucketPolicyInput{} 57 } 58 59 result, metadata, err := c.invokeOperation(ctx, "GetBucketPolicy", params, optFns, addOperationGetBucketPolicyMiddlewares) 60 if err != nil { 61 return nil, err 62 } 63 64 out := result.(*GetBucketPolicyOutput) 65 out.ResultMetadata = metadata 66 return out, nil 67} 68 69type GetBucketPolicyInput struct { 70 71 // The AWS account ID of the Outposts bucket. 72 // 73 // This member is required. 74 AccountId *string 75 76 // Specifies the bucket. For using this parameter with Amazon S3 on Outposts with 77 // the REST API, you must specify the name and the x-amz-outpost-id as well. For 78 // using this parameter with S3 on Outposts with the AWS SDK and CLI, you must 79 // specify the ARN of the bucket accessed in the format 80 // arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket 81 // reports through outpost my-outpost owned by account 123456789012 in Region 82 // us-west-2, use the URL encoding of 83 // arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. 84 // The value must be URL encoded. 85 // 86 // This member is required. 87 Bucket *string 88} 89 90type GetBucketPolicyOutput struct { 91 92 // The policy of the Outposts bucket. 93 Policy *string 94 95 // Metadata pertaining to the operation's result. 96 ResultMetadata middleware.Metadata 97} 98 99func addOperationGetBucketPolicyMiddlewares(stack *middleware.Stack, options Options) (err error) { 100 err = stack.Serialize.Add(&awsRestxml_serializeOpGetBucketPolicy{}, middleware.After) 101 if err != nil { 102 return err 103 } 104 err = stack.Deserialize.Add(&awsRestxml_deserializeOpGetBucketPolicy{}, middleware.After) 105 if err != nil { 106 return err 107 } 108 if err = addSetLoggerMiddleware(stack, options); err != nil { 109 return err 110 } 111 if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { 112 return err 113 } 114 if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { 115 return err 116 } 117 if err = addResolveEndpointMiddleware(stack, options); err != nil { 118 return err 119 } 120 if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { 121 return err 122 } 123 if err = addRetryMiddlewares(stack, options); err != nil { 124 return err 125 } 126 if err = addHTTPSignerV4Middleware(stack, options); err != nil { 127 return err 128 } 129 if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { 130 return err 131 } 132 if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { 133 return err 134 } 135 if err = addClientUserAgent(stack); err != nil { 136 return err 137 } 138 if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { 139 return err 140 } 141 if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { 142 return err 143 } 144 if err = addEndpointPrefix_opGetBucketPolicyMiddleware(stack); err != nil { 145 return err 146 } 147 if err = addOpGetBucketPolicyValidationMiddleware(stack); err != nil { 148 return err 149 } 150 if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetBucketPolicy(options.Region), middleware.Before); err != nil { 151 return err 152 } 153 if err = addMetadataRetrieverMiddleware(stack); err != nil { 154 return err 155 } 156 if err = addGetBucketPolicyUpdateEndpoint(stack, options); err != nil { 157 return err 158 } 159 if err = addResponseErrorMiddleware(stack); err != nil { 160 return err 161 } 162 if err = v4.AddContentSHA256HeaderMiddleware(stack); err != nil { 163 return err 164 } 165 if err = addRequestResponseLogging(stack, options); err != nil { 166 return err 167 } 168 return nil 169} 170 171type endpointPrefix_opGetBucketPolicyMiddleware struct { 172} 173 174func (*endpointPrefix_opGetBucketPolicyMiddleware) ID() string { 175 return "EndpointHostPrefix" 176} 177 178func (m *endpointPrefix_opGetBucketPolicyMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( 179 out middleware.SerializeOutput, metadata middleware.Metadata, err error, 180) { 181 if smithyhttp.GetHostnameImmutable(ctx) || smithyhttp.IsEndpointHostPrefixDisabled(ctx) { 182 return next.HandleSerialize(ctx, in) 183 } 184 185 req, ok := in.Request.(*smithyhttp.Request) 186 if !ok { 187 return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) 188 } 189 190 input, ok := in.Parameters.(*GetBucketPolicyInput) 191 if !ok { 192 return out, metadata, fmt.Errorf("unknown input type %T", in.Parameters) 193 } 194 195 var prefix strings.Builder 196 if input.AccountId == nil { 197 return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("AccountId forms part of the endpoint host and so may not be nil")} 198 } else if !smithyhttp.ValidHostLabel(*input.AccountId) { 199 return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("AccountId forms part of the endpoint host and so must match \"[a-zA-Z0-9-]{1,63}\", but was \"%s\"", *input.AccountId)} 200 } else { 201 prefix.WriteString(*input.AccountId) 202 } 203 prefix.WriteString(".") 204 req.URL.Host = prefix.String() + req.URL.Host 205 206 return next.HandleSerialize(ctx, in) 207} 208func addEndpointPrefix_opGetBucketPolicyMiddleware(stack *middleware.Stack) error { 209 return stack.Serialize.Insert(&endpointPrefix_opGetBucketPolicyMiddleware{}, `OperationSerializer`, middleware.After) 210} 211 212func newServiceMetadataMiddleware_opGetBucketPolicy(region string) *awsmiddleware.RegisterServiceMetadata { 213 return &awsmiddleware.RegisterServiceMetadata{ 214 Region: region, 215 ServiceID: ServiceID, 216 SigningName: "s3", 217 OperationName: "GetBucketPolicy", 218 } 219} 220 221func copyGetBucketPolicyInputForUpdateEndpoint(params interface{}) (interface{}, error) { 222 input, ok := params.(*GetBucketPolicyInput) 223 if !ok { 224 return nil, fmt.Errorf("expect *GetBucketPolicyInput type, got %T", params) 225 } 226 cpy := *input 227 return &cpy, nil 228} 229func getGetBucketPolicyARNMember(input interface{}) (*string, bool) { 230 in := input.(*GetBucketPolicyInput) 231 if in.Bucket == nil { 232 return nil, false 233 } 234 return in.Bucket, true 235} 236func setGetBucketPolicyARNMember(input interface{}, v string) error { 237 in := input.(*GetBucketPolicyInput) 238 in.Bucket = &v 239 return nil 240} 241func backFillGetBucketPolicyAccountID(input interface{}, v string) error { 242 in := input.(*GetBucketPolicyInput) 243 if in.AccountId != nil { 244 if !strings.EqualFold(*in.AccountId, v) { 245 return fmt.Errorf("error backfilling account id") 246 } 247 return nil 248 } 249 in.AccountId = &v 250 return nil 251} 252func addGetBucketPolicyUpdateEndpoint(stack *middleware.Stack, options Options) error { 253 return s3controlcust.UpdateEndpoint(stack, s3controlcust.UpdateEndpointOptions{ 254 Accessor: s3controlcust.UpdateEndpointParameterAccessor{GetARNInput: getGetBucketPolicyARNMember, 255 BackfillAccountID: backFillGetBucketPolicyAccountID, 256 GetOutpostIDInput: nopGetOutpostIDFromInput, 257 UpdateARNField: setGetBucketPolicyARNMember, 258 CopyInput: copyGetBucketPolicyInputForUpdateEndpoint, 259 }, 260 EndpointResolver: options.EndpointResolver, 261 EndpointResolverOptions: options.EndpointOptions, 262 UseDualstack: options.UseDualstack, 263 UseARNRegion: options.UseARNRegion, 264 }) 265} 266