awscloud: add option to mark S3 object as public
By setting the object's ACL to "public-read", anyone can download the object even without authenticating with AWS. The osbuild-upload-generic-s3 command got a new -public argument that uses this new feature. Signed-off-by: Ondřej Budai <ondrej@budai.cz>
This commit is contained in:
Ondřej Budai
Sanne Raymaekers
parent
1c3fe82d1e
commit
0e6c132ee6
2 changed files with 25 additions and 0 deletions
|
|
@ -21,6 +21,7 @@ func main() {
|
|||
var bucketName string
|
||||
var keyName string
|
||||
var filename string
|
||||
var public bool
|
||||
flag.StringVar(&accessKeyID, "access-key-id", "", "access key ID")
|
||||
flag.StringVar(&secretAccessKey, "secret-access-key", "", "secret access key")
|
||||
flag.StringVar(&sessionToken, "session-token", "", "session token")
|
||||
|
|
@ -31,6 +32,7 @@ func main() {
|
|||
flag.StringVar(&bucketName, "bucket", "", "target S3 bucket name")
|
||||
flag.StringVar(&keyName, "key", "", "target S3 key name")
|
||||
flag.StringVar(&filename, "image", "", "image file to upload")
|
||||
flag.BoolVar(&public, "public", false, "if set, the S3 object is marked as public (default: false)")
|
||||
flag.Parse()
|
||||
|
||||
a, err := awscloud.NewForEndpoint(endpoint, region, accessKeyID, secretAccessKey, sessionToken, caBundle, skipSSLVerification)
|
||||
|
|
@ -45,5 +47,13 @@ func main() {
|
|||
os.Exit(1)
|
||||
}
|
||||
|
||||
if public {
|
||||
err := a.MarkS3ObjectAsPublic(bucketName, keyName)
|
||||
if err != nil {
|
||||
fmt.Println(err.Error())
|
||||
os.Exit(1)
|
||||
}
|
||||
}
|
||||
|
||||
fmt.Printf("file uploaded to %s\n", aws.StringValue(&uploadOutput.Location))
|
||||
}
|
||||
|
|
|
|||
|
|
@ -581,3 +581,18 @@ func (a *AWS) S3ObjectPresignedURL(bucket, objectKey string) (string, error) {
|
|||
logrus.Info("[AWS] 🎉 S3 Presigned URL ready")
|
||||
return url, nil
|
||||
}
|
||||
|
||||
func (a *AWS) MarkS3ObjectAsPublic(bucket, objectKey string) error {
|
||||
logrus.Infof("[AWS] 👐 Making S3 object public %s/%s", bucket, objectKey)
|
||||
_, err := a.s3.PutObjectAcl(&s3.PutObjectAclInput{
|
||||
Bucket: aws.String(bucket),
|
||||
Key: aws.String(objectKey),
|
||||
ACL: aws.String(s3.BucketCannedACLPublicRead),
|
||||
})
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
logrus.Info("[AWS] ✔️ Making S3 object public successful")
|
||||
|
||||
return nil
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue