1// Code generated by smithy-go-codegen DO NOT EDIT. 2 3package s3 4 5import ( 6 "context" 7 awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" 8 "github.com/aws/aws-sdk-go-v2/aws/signer/v4" 9 s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" 10 "github.com/aws/smithy-go/middleware" 11 smithyhttp "github.com/aws/smithy-go/transport/http" 12) 13 14// Applies an Amazon S3 bucket policy to an Amazon S3 bucket. If you are using an 15// identity other than the root user of the AWS account that owns the bucket, the 16// calling identity must have the PutBucketPolicy permissions on the specified 17// bucket and belong to the bucket owner's account in order to use this operation. 18// If you don't have PutBucketPolicy permissions, Amazon S3 returns a 403 Access 19// Denied error. If you have the correct permissions, but you're not using an 20// identity that belongs to the bucket owner's account, Amazon S3 returns a 405 21// Method Not Allowed error. As a security precaution, the root user of the AWS 22// account that owns a bucket can always use this operation, even if the policy 23// explicitly denies the root user the ability to perform this action. For more 24// information about bucket policies, see Using Bucket Policies and User Policies 25// (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html). The 26// following operations are related to PutBucketPolicy: 27// 28// * CreateBucket 29// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) 30// 31// * 32// DeleteBucket 33// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html) 34func (c *Client) PutBucketPolicy(ctx context.Context, params *PutBucketPolicyInput, optFns ...func(*Options)) (*PutBucketPolicyOutput, error) { 35 if params == nil { 36 params = &PutBucketPolicyInput{} 37 } 38 39 result, metadata, err := c.invokeOperation(ctx, "PutBucketPolicy", params, optFns, addOperationPutBucketPolicyMiddlewares) 40 if err != nil { 41 return nil, err 42 } 43 44 out := result.(*PutBucketPolicyOutput) 45 out.ResultMetadata = metadata 46 return out, nil 47} 48 49type PutBucketPolicyInput struct { 50 51 // The name of the bucket. 52 // 53 // This member is required. 54 Bucket *string 55 56 // The bucket policy as a JSON document. 57 // 58 // This member is required. 59 Policy *string 60 61 // Set this parameter to true to confirm that you want to remove your permissions 62 // to change this bucket policy in the future. 63 ConfirmRemoveSelfBucketAccess bool 64 65 // The MD5 hash of the request body. For requests made using the AWS Command Line 66 // Interface (CLI) or AWS SDKs, this field is calculated automatically. 67 ContentMD5 *string 68 69 // The account ID of the expected bucket owner. If the bucket is owned by a 70 // different account, the request will fail with an HTTP 403 (Access Denied) error. 71 ExpectedBucketOwner *string 72} 73 74type PutBucketPolicyOutput struct { 75 // Metadata pertaining to the operation's result. 76 ResultMetadata middleware.Metadata 77} 78 79func addOperationPutBucketPolicyMiddlewares(stack *middleware.Stack, options Options) (err error) { 80 err = stack.Serialize.Add(&awsRestxml_serializeOpPutBucketPolicy{}, middleware.After) 81 if err != nil { 82 return err 83 } 84 err = stack.Deserialize.Add(&awsRestxml_deserializeOpPutBucketPolicy{}, middleware.After) 85 if err != nil { 86 return err 87 } 88 if err = addSetLoggerMiddleware(stack, options); err != nil { 89 return err 90 } 91 if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { 92 return err 93 } 94 if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { 95 return err 96 } 97 if err = addResolveEndpointMiddleware(stack, options); err != nil { 98 return err 99 } 100 if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { 101 return err 102 } 103 if err = addRetryMiddlewares(stack, options); err != nil { 104 return err 105 } 106 if err = addHTTPSignerV4Middleware(stack, options); err != nil { 107 return err 108 } 109 if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { 110 return err 111 } 112 if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { 113 return err 114 } 115 if err = addClientUserAgent(stack); err != nil { 116 return err 117 } 118 if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { 119 return err 120 } 121 if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { 122 return err 123 } 124 if err = addOpPutBucketPolicyValidationMiddleware(stack); err != nil { 125 return err 126 } 127 if err = stack.Initialize.Add(newServiceMetadataMiddleware_opPutBucketPolicy(options.Region), middleware.Before); err != nil { 128 return err 129 } 130 if err = addMetadataRetrieverMiddleware(stack); err != nil { 131 return err 132 } 133 if err = addPutBucketPolicyUpdateEndpoint(stack, options); err != nil { 134 return err 135 } 136 if err = addResponseErrorMiddleware(stack); err != nil { 137 return err 138 } 139 if err = v4.AddContentSHA256HeaderMiddleware(stack); err != nil { 140 return err 141 } 142 if err = disableAcceptEncodingGzip(stack); err != nil { 143 return err 144 } 145 if err = addRequestResponseLogging(stack, options); err != nil { 146 return err 147 } 148 if err = smithyhttp.AddContentChecksumMiddleware(stack); err != nil { 149 return err 150 } 151 return nil 152} 153 154func newServiceMetadataMiddleware_opPutBucketPolicy(region string) *awsmiddleware.RegisterServiceMetadata { 155 return &awsmiddleware.RegisterServiceMetadata{ 156 Region: region, 157 ServiceID: ServiceID, 158 SigningName: "s3", 159 OperationName: "PutBucketPolicy", 160 } 161} 162 163// getPutBucketPolicyBucketMember returns a pointer to string denoting a provided 164// bucket member valueand a boolean indicating if the input has a modeled bucket 165// name, 166func getPutBucketPolicyBucketMember(input interface{}) (*string, bool) { 167 in := input.(*PutBucketPolicyInput) 168 if in.Bucket == nil { 169 return nil, false 170 } 171 return in.Bucket, true 172} 173func addPutBucketPolicyUpdateEndpoint(stack *middleware.Stack, options Options) error { 174 return s3cust.UpdateEndpoint(stack, s3cust.UpdateEndpointOptions{ 175 Accessor: s3cust.UpdateEndpointParameterAccessor{ 176 GetBucketFromInput: getPutBucketPolicyBucketMember, 177 }, 178 UsePathStyle: options.UsePathStyle, 179 UseAccelerate: options.UseAccelerate, 180 SupportsAccelerate: true, 181 TargetS3ObjectLambda: false, 182 EndpointResolver: options.EndpointResolver, 183 EndpointResolverOptions: options.EndpointOptions, 184 UseDualstack: options.UseDualstack, 185 UseARNRegion: options.UseARNRegion, 186 }) 187} 188