Denis Kirillov
6b8095182e
All checks were successful
/ Builds (1.20) (pull_request) Successful in 13m52s
/ Builds (1.21) (pull_request) Successful in 13m40s
/ Lint (pull_request) Successful in 19m2s
/ Tests (1.20) (pull_request) Successful in 14m18s
/ Tests (1.21) (pull_request) Successful in 14m23s
/ DCO (pull_request) Successful in 2m55s
/ Vulncheck (pull_request) Successful in 1m9s
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
278 lines
10 KiB
Markdown
278 lines
10 KiB
Markdown
# S3 API support
|
|
|
|
Reference:
|
|
|
|
* [AWS S3 API Reference](https://docs.aws.amazon.com/AmazonS3/latest/API/s3-api.pdf)
|
|
|
|
| | Legend |
|
|
|-----|-------------------------------------------|
|
|
| 🟢 | Supported |
|
|
| 🟡 | Partially supported |
|
|
| 🔵 | Not supported yet, but will be in future |
|
|
| 🔴 | Not applicable or will never be supported |
|
|
|
|
## Object
|
|
|
|
| | Method | Comments |
|
|
|-----|------------------------|-----------------------------------------|
|
|
| 🟢 | CopyObject | Done on gateway side |
|
|
| 🟢 | DeleteObject | |
|
|
| 🟢 | DeleteObjects | aka DeleteMultipleObjects |
|
|
| 🟢 | GetObject | |
|
|
| 🔴 | GetObjectTorrent | We don't plan implementing BT gateway |
|
|
| 🟢 | HeadObject | |
|
|
| 🟢 | ListParts | Parts loaded with MultipartUpload |
|
|
| 🟢 | ListObjects | |
|
|
| 🟢 | ListObjectsV2 | |
|
|
| 🟢 | PutObject | Content-MD5 header deprecated |
|
|
| 🔵 | SelectObjectContent | Need to have some Lambda to execute SQL |
|
|
| 🔵 | WriteGetObjectResponse | Waiting for Lambda to be developed |
|
|
| 🟢 | GetObjectAttributes | |
|
|
|
|
## ACL
|
|
|
|
For now there are some limitations:
|
|
|
|
| | Method | Comments |
|
|
|-----|--------------|-----------------------------------|
|
|
| 🟢 | GetObjectAcl | Objects can have only private acl |
|
|
| 🔴 | PutObjectAcl | Use PutBucketPolicy instead |
|
|
|
|
## Locking
|
|
|
|
For now there are some limitations:
|
|
|
|
* Retention period can't be shortened, only extended.
|
|
* You can't delete locks or object with unexpired lock.
|
|
|
|
| | Method | Comments |
|
|
|-----|----------------------------|-------------------------------|
|
|
| 🟡 | GetObjectLegalHold | |
|
|
| 🟢 | GetObjectLockConfiguration | aka GetBucketObjectLockConfig |
|
|
| 🟡 | GetObjectRetention | |
|
|
| 🟡 | PutObjectLegalHold | |
|
|
| 🟢 | PutObjectLockConfiguration | aka PutBucketObjectLockConfig |
|
|
| 🟡 | PutObjectRetention | |
|
|
|
|
## Multipart
|
|
|
|
CompleteMultipartUpload operations may take long time to complete. Gateway
|
|
sends whitespace characters to keep connection with the client alive. In this
|
|
case, gateway is unable to set proper HTTP headers like `X-Amz-Version-Id`.
|
|
|
|
| | Method | Comments |
|
|
|-----|-------------------------|----------|
|
|
| 🟢 | AbortMultipartUpload | |
|
|
| 🟢 | CompleteMultipartUpload | |
|
|
| 🟢 | CreateMultipartUpload | |
|
|
| 🟢 | ListMultipartUploads | |
|
|
| 🟢 | ListParts | |
|
|
| 🟢 | UploadPart | |
|
|
| 🟢 | UploadPartCopy | |
|
|
|
|
## Tagging
|
|
|
|
| | Method | Comments |
|
|
|-----|---------------------|----------|
|
|
| 🟢 | DeleteObjectTagging | |
|
|
| 🟢 | GetObjectTagging | |
|
|
| 🟢 | PutObjectTagging | |
|
|
|
|
## Versioning
|
|
|
|
See also `GetObject` and other method parameters.
|
|
|
|
| | Method | Comments |
|
|
|-----|--------------------|--------------------------|
|
|
| 🟢 | ListObjectVersions | ListBucketObjectVersions |
|
|
| 🔵 | RestoreObject | |
|
|
|
|
## Bucket
|
|
|
|
| | Method | Comments |
|
|
|-----|----------------------|-----------|
|
|
| 🟢 | CreateBucket | PutBucket |
|
|
| 🟢 | DeleteBucket | |
|
|
| 🟢 | GetBucketLocation | |
|
|
| 🟢 | HeadBucket | |
|
|
| 🟢 | ListBuckets | |
|
|
| 🔵 | PutPublicAccessBlock | |
|
|
|
|
## Acceleration
|
|
|
|
| | Method | Comments |
|
|
|-----|----------------------------------|---------------------|
|
|
| 🔴 | GetBucketAccelerateConfiguration | GetBucketAccelerate |
|
|
| 🔴 | PutBucketAccelerateConfiguration | |
|
|
|
|
## ACL
|
|
|
|
| | Method | Comments |
|
|
|-----|--------------|------------------------------|
|
|
| 🟡 | GetBucketAcl | Only canned acl is supported |
|
|
| 🟡 | PutBucketAcl | Only canned acl is supported |
|
|
|
|
## Analytics
|
|
|
|
| | Method | Comments |
|
|
|-----|------------------------------------|----------|
|
|
| 🔵 | DeleteBucketAnalyticsConfiguration | |
|
|
| 🔵 | GetBucketAnalyticsConfiguration | |
|
|
| 🔵 | ListBucketAnalyticsConfigurations | |
|
|
| 🔵 | PutBucketAnalyticsConfiguration | |
|
|
|
|
## CORS
|
|
|
|
| | Method | Comments |
|
|
|-----|------------------|----------|
|
|
| 🟢 | DeleteBucketCors | |
|
|
| 🟢 | GetBucketCors | |
|
|
| 🟢 | PutBucketCors | |
|
|
|
|
## Encryption
|
|
|
|
| | Method | Comments |
|
|
|-----|------------------------|----------|
|
|
| 🔵 | DeleteBucketEncryption | |
|
|
| 🔵 | GetBucketEncryption | |
|
|
| 🔵 | PutBucketEncryption | |
|
|
|
|
## Inventory
|
|
|
|
| | Method | Comments |
|
|
|-----|------------------------------------|----------|
|
|
| 🔵 | DeleteBucketInventoryConfiguration | |
|
|
| 🔵 | GetBucketInventoryConfiguration | |
|
|
| 🔵 | ListBucketInventoryConfigurations | |
|
|
| 🔵 | PutBucketInventoryConfiguration | |
|
|
|
|
## Lifecycle
|
|
|
|
| | Method | Comments |
|
|
|-----|---------------------------------|----------|
|
|
| 🔵 | DeleteBucketLifecycle | |
|
|
| 🔵 | GetBucketLifecycle | |
|
|
| 🔵 | GetBucketLifecycleConfiguration | |
|
|
| 🔵 | PutBucketLifecycle | |
|
|
| 🔵 | PutBucketLifecycleConfiguration | |
|
|
|
|
## Logging
|
|
|
|
| | Method | Comments |
|
|
|-----|------------------|----------|
|
|
| 🔵 | GetBucketLogging | |
|
|
| 🔵 | PutBucketLogging | |
|
|
|
|
## Metrics
|
|
|
|
| | Method | Comments |
|
|
|-----|----------------------------------|----------|
|
|
| 🔵 | DeleteBucketMetricsConfiguration | |
|
|
| 🔵 | GetBucketMetricsConfiguration | |
|
|
| 🔵 | ListBucketMetricsConfigurations | |
|
|
| 🔵 | PutBucketMetricsConfiguration | |
|
|
|
|
## Notifications
|
|
|
|
| | Method | Comments |
|
|
|-----|------------------------------------|---------------|
|
|
| 🔵 | GetBucketNotification | |
|
|
| 🔵 | GetBucketNotificationConfiguration | |
|
|
| 🔵 | ListenBucketNotification | non-standard? |
|
|
| 🔵 | PutBucketNotification | |
|
|
| 🔵 | PutBucketNotificationConfiguration | |
|
|
|
|
## Ownership controls
|
|
|
|
| | Method | Comments |
|
|
|-----|-------------------------------|----------|
|
|
| 🔵 | DeleteBucketOwnershipControls | |
|
|
| 🔵 | GetBucketOwnershipControls | |
|
|
| 🔵 | PutBucketOwnershipControls | |
|
|
|
|
## Policy and replication
|
|
|
|
Bucket policy has the following limitations
|
|
|
|
* Supports only AWS principals in format `arn:aws:iam::<namespace>:user/<user>` or wildcard `*`.
|
|
* No complex conditions (only conditions for groups now supported)
|
|
|
|
Simple valid policy example:
|
|
|
|
```json
|
|
{
|
|
"Version": "2012-10-17",
|
|
"Statement": [
|
|
{
|
|
"Principal": {
|
|
"AWS": [
|
|
"arn:aws:iam::111122223333:role/JohnDoe"
|
|
]
|
|
},
|
|
"Effect": "Allow",
|
|
"Action": [
|
|
"s3:GetObject",
|
|
"s3:GetObjectVersion"
|
|
],
|
|
"Resource": [
|
|
"arn:aws:s3:::DOC-EXAMPLE-BUCKET/*"
|
|
]
|
|
}
|
|
]
|
|
}
|
|
```
|
|
|
|
Bucket policy status determines using the following scheme:
|
|
|
|
* If policy has statement with principal that is wildcard (`*`) then policy is considered as public
|
|
|
|
| | Method | Comments |
|
|
|-----|-------------------------|---------------------------------------------------|
|
|
| 🟢 | DeleteBucketPolicy | See Policy limitations |
|
|
| 🔵 | DeleteBucketReplication | |
|
|
| 🔵 | DeletePublicAccessBlock | |
|
|
| 🟢 | GetBucketPolicy | See Policy limitations |
|
|
| 🟢 | GetBucketPolicyStatus | See rule determining status in Policy limitations |
|
|
| 🔵 | GetBucketReplication | |
|
|
| 🟢 | PostPolicyBucket | Upload file using POST form |
|
|
| 🟡 | PutBucketPolicy | See Policy limitations |
|
|
| 🔵 | PutBucketReplication | |
|
|
|
|
## Request payment
|
|
|
|
| | Method | Comments |
|
|
|-----|-------------------------|----------|
|
|
| 🔴 | GetBucketRequestPayment | |
|
|
| 🔴 | PutBucketRequestPayment | |
|
|
|
|
## Tagging
|
|
|
|
| | Method | Comments |
|
|
|-----|---------------------|----------|
|
|
| 🟢 | DeleteBucketTagging | |
|
|
| 🟢 | GetBucketTagging | |
|
|
| 🟢 | PutBucketTagging | |
|
|
|
|
## Tiering
|
|
|
|
| | Method | Comments |
|
|
|-----|---------------------------------------------|----------|
|
|
| 🔵 | DeleteBucketIntelligentTieringConfiguration | |
|
|
| 🔵 | GetBucketIntelligentTieringConfiguration | |
|
|
| 🔵 | ListBucketIntelligentTieringConfigurations | |
|
|
| 🔵 | PutBucketIntelligentTieringConfiguration | |
|
|
|
|
## Versioning
|
|
|
|
| | Method | Comments |
|
|
|-----|---------------------|----------|
|
|
| 🟢 | GetBucketVersioning | |
|
|
| 🟢 | PutBucketVersioning | |
|
|
|
|
## Website
|
|
|
|
| | Method | Comments |
|
|
|-----|---------------------|----------|
|
|
| 🔵 | DeleteBucketWebsite | |
|
|
| 🔵 | GetBucketWebsite | |
|
|
| 🔵 | PutBucketWebsite | |
|