1// Code generated by smithy-go-codegen DO NOT EDIT. 2 3package s3control 4 5import ( 6 "context" 7 "fmt" 8 awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" 9 "github.com/aws/aws-sdk-go-v2/aws/signer/v4" 10 s3controlcust "github.com/aws/aws-sdk-go-v2/service/s3control/internal/customizations" 11 smithy "github.com/aws/smithy-go" 12 "github.com/aws/smithy-go/middleware" 13 smithyhttp "github.com/aws/smithy-go/transport/http" 14 "strings" 15) 16 17// Associates an access policy with the specified access point. Each access point 18// can have only one policy, so a request made to this API replaces any existing 19// policy associated with the specified access point. All Amazon S3 on Outposts 20// REST API requests for this action require an additional parameter of 21// x-amz-outpost-id to be passed with the request and an S3 on Outposts endpoint 22// hostname prefix instead of s3-control. For an example of the request syntax for 23// Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and 24// the x-amz-outpost-id derived using the access point ARN, see the Examples 25// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PutAccessPointPolicy.html#API_control_PutAccessPointPolicy_Examples) 26// section. The following actions are related to PutAccessPointPolicy: 27// 28// * 29// GetAccessPointPolicy 30// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_GetAccessPointPolicy.html) 31// 32// * 33// DeleteAccessPointPolicy 34// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_DeleteAccessPointPolicy.html) 35func (c *Client) PutAccessPointPolicy(ctx context.Context, params *PutAccessPointPolicyInput, optFns ...func(*Options)) (*PutAccessPointPolicyOutput, error) { 36 if params == nil { 37 params = &PutAccessPointPolicyInput{} 38 } 39 40 result, metadata, err := c.invokeOperation(ctx, "PutAccessPointPolicy", params, optFns, addOperationPutAccessPointPolicyMiddlewares) 41 if err != nil { 42 return nil, err 43 } 44 45 out := result.(*PutAccessPointPolicyOutput) 46 out.ResultMetadata = metadata 47 return out, nil 48} 49 50type PutAccessPointPolicyInput struct { 51 52 // The AWS account ID for owner of the bucket associated with the specified access 53 // point. 54 // 55 // This member is required. 56 AccountId *string 57 58 // The name of the access point that you want to associate with the specified 59 // policy. For using this parameter with Amazon S3 on Outposts with the REST API, 60 // you must specify the name and the x-amz-outpost-id as well. For using this 61 // parameter with S3 on Outposts with the AWS SDK and CLI, you must specify the ARN 62 // of the access point accessed in the format 63 // arn:aws:s3-outposts:::outpost//accesspoint/. For example, to access the access 64 // point reports-ap through outpost my-outpost owned by account 123456789012 in 65 // Region us-west-2, use the URL encoding of 66 // arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap. 67 // The value must be URL encoded. 68 // 69 // This member is required. 70 Name *string 71 72 // The policy that you want to apply to the specified access point. For more 73 // information about access point policies, see Managing data access with Amazon S3 74 // Access Points 75 // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points.html) in 76 // the Amazon Simple Storage Service User Guide. 77 // 78 // This member is required. 79 Policy *string 80} 81 82type PutAccessPointPolicyOutput struct { 83 // Metadata pertaining to the operation's result. 84 ResultMetadata middleware.Metadata 85} 86 87func addOperationPutAccessPointPolicyMiddlewares(stack *middleware.Stack, options Options) (err error) { 88 err = stack.Serialize.Add(&awsRestxml_serializeOpPutAccessPointPolicy{}, middleware.After) 89 if err != nil { 90 return err 91 } 92 err = stack.Deserialize.Add(&awsRestxml_deserializeOpPutAccessPointPolicy{}, middleware.After) 93 if err != nil { 94 return err 95 } 96 if err = addSetLoggerMiddleware(stack, options); err != nil { 97 return err 98 } 99 if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { 100 return err 101 } 102 if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { 103 return err 104 } 105 if err = addResolveEndpointMiddleware(stack, options); err != nil { 106 return err 107 } 108 if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { 109 return err 110 } 111 if err = addRetryMiddlewares(stack, options); err != nil { 112 return err 113 } 114 if err = addHTTPSignerV4Middleware(stack, options); err != nil { 115 return err 116 } 117 if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { 118 return err 119 } 120 if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { 121 return err 122 } 123 if err = addClientUserAgent(stack); err != nil { 124 return err 125 } 126 if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { 127 return err 128 } 129 if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { 130 return err 131 } 132 if err = addEndpointPrefix_opPutAccessPointPolicyMiddleware(stack); err != nil { 133 return err 134 } 135 if err = addOpPutAccessPointPolicyValidationMiddleware(stack); err != nil { 136 return err 137 } 138 if err = stack.Initialize.Add(newServiceMetadataMiddleware_opPutAccessPointPolicy(options.Region), middleware.Before); err != nil { 139 return err 140 } 141 if err = addMetadataRetrieverMiddleware(stack); err != nil { 142 return err 143 } 144 if err = addPutAccessPointPolicyUpdateEndpoint(stack, options); err != nil { 145 return err 146 } 147 if err = addResponseErrorMiddleware(stack); err != nil { 148 return err 149 } 150 if err = v4.AddContentSHA256HeaderMiddleware(stack); err != nil { 151 return err 152 } 153 if err = addRequestResponseLogging(stack, options); err != nil { 154 return err 155 } 156 return nil 157} 158 159type endpointPrefix_opPutAccessPointPolicyMiddleware struct { 160} 161 162func (*endpointPrefix_opPutAccessPointPolicyMiddleware) ID() string { 163 return "EndpointHostPrefix" 164} 165 166func (m *endpointPrefix_opPutAccessPointPolicyMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( 167 out middleware.SerializeOutput, metadata middleware.Metadata, err error, 168) { 169 if smithyhttp.GetHostnameImmutable(ctx) || smithyhttp.IsEndpointHostPrefixDisabled(ctx) { 170 return next.HandleSerialize(ctx, in) 171 } 172 173 req, ok := in.Request.(*smithyhttp.Request) 174 if !ok { 175 return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) 176 } 177 178 input, ok := in.Parameters.(*PutAccessPointPolicyInput) 179 if !ok { 180 return out, metadata, fmt.Errorf("unknown input type %T", in.Parameters) 181 } 182 183 var prefix strings.Builder 184 if input.AccountId == nil { 185 return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("AccountId forms part of the endpoint host and so may not be nil")} 186 } else if !smithyhttp.ValidHostLabel(*input.AccountId) { 187 return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("AccountId forms part of the endpoint host and so must match \"[a-zA-Z0-9-]{1,63}\", but was \"%s\"", *input.AccountId)} 188 } else { 189 prefix.WriteString(*input.AccountId) 190 } 191 prefix.WriteString(".") 192 req.URL.Host = prefix.String() + req.URL.Host 193 194 return next.HandleSerialize(ctx, in) 195} 196func addEndpointPrefix_opPutAccessPointPolicyMiddleware(stack *middleware.Stack) error { 197 return stack.Serialize.Insert(&endpointPrefix_opPutAccessPointPolicyMiddleware{}, `OperationSerializer`, middleware.After) 198} 199 200func newServiceMetadataMiddleware_opPutAccessPointPolicy(region string) *awsmiddleware.RegisterServiceMetadata { 201 return &awsmiddleware.RegisterServiceMetadata{ 202 Region: region, 203 ServiceID: ServiceID, 204 SigningName: "s3", 205 OperationName: "PutAccessPointPolicy", 206 } 207} 208 209func copyPutAccessPointPolicyInputForUpdateEndpoint(params interface{}) (interface{}, error) { 210 input, ok := params.(*PutAccessPointPolicyInput) 211 if !ok { 212 return nil, fmt.Errorf("expect *PutAccessPointPolicyInput type, got %T", params) 213 } 214 cpy := *input 215 return &cpy, nil 216} 217func getPutAccessPointPolicyARNMember(input interface{}) (*string, bool) { 218 in := input.(*PutAccessPointPolicyInput) 219 if in.Name == nil { 220 return nil, false 221 } 222 return in.Name, true 223} 224func setPutAccessPointPolicyARNMember(input interface{}, v string) error { 225 in := input.(*PutAccessPointPolicyInput) 226 in.Name = &v 227 return nil 228} 229func backFillPutAccessPointPolicyAccountID(input interface{}, v string) error { 230 in := input.(*PutAccessPointPolicyInput) 231 if in.AccountId != nil { 232 if !strings.EqualFold(*in.AccountId, v) { 233 return fmt.Errorf("error backfilling account id") 234 } 235 return nil 236 } 237 in.AccountId = &v 238 return nil 239} 240func addPutAccessPointPolicyUpdateEndpoint(stack *middleware.Stack, options Options) error { 241 return s3controlcust.UpdateEndpoint(stack, s3controlcust.UpdateEndpointOptions{ 242 Accessor: s3controlcust.UpdateEndpointParameterAccessor{GetARNInput: getPutAccessPointPolicyARNMember, 243 BackfillAccountID: backFillPutAccessPointPolicyAccountID, 244 GetOutpostIDInput: nopGetOutpostIDFromInput, 245 UpdateARNField: setPutAccessPointPolicyARNMember, 246 CopyInput: copyPutAccessPointPolicyInputForUpdateEndpoint, 247 }, 248 EndpointResolver: options.EndpointResolver, 249 EndpointResolverOptions: options.EndpointOptions, 250 UseDualstack: options.UseDualstack, 251 UseARNRegion: options.UseARNRegion, 252 }) 253} 254