PK���ȼRY��������€��� �v3.phpUT �øŽg‰gñ“gux �õ��õ��½T]kÛ0}߯pEhìâÙM7X‰çv%”v0֐µ{)Aå:6S$!ÉMJèߕ?R÷!>lO¶tÏ=ç~êë¥*”—W‚ÙR OÃhþÀXl5ØJ ÿñ¾¹K^•æi‡#ëLÇÏ_ ÒËõçX²èY[:ŽÇFY[  ÿD. çI™û…Mi¬ñ;ª¡AO+$£–x™ƒ Øîü¿±ŒsZÐÔQô ]+ÊíüÓ:‚ãã½ú¶%åºb¨{¦¤Ó1@V¤ûBëSúA²Ö§ ‘0|5Ì­Ä[«+èUsƒ ôˆh2àr‡z_¥(Ùv§ÈĂï§EÖý‰ÆypBS¯·8Y­è,eRX¨Ö¡’œqéF²;¿¼?Ø?Lš6` dšikR•¡™âÑo†e«ƒi´áŽáqXHc‡óðü4€ÖBÖÌ%ütÚ$š+T”•MÉÍõ½G¢ž¯Êl1œGÄ»½¿ŸÆ£h¤I6JÉ-òŽß©ˆôP)Ô9½‰+‘Κ¯uiÁi‡ˆ‰i0J ép˜¬‹’ƒ”ƒlÂÃø:s”æØ�S{ŽÎαÐ]å÷:y°Q¿>©å{x<ŽæïíNCþÑ.Mf?¨«2ý}=ûõýî'=£§ÿu•Ü(—¾IIa­"éþ@¶�¿ä9?^-qìÇÞôvŠeÈc ðlacã®xèÄ'®âd¶ çˆSEæódP/ÍÆv{Ô)Ó ?>…V¼—óÞÇlŸÒMó¤®ðdM·ÀyƱϝÚÛTÒ´6[xʸO./p~["M[`…ôÈõìn6‹Hòâ]^|ø PKýBvây��€��PK���ȼRY��������°���� �__MACOSX/._v3.phpUT �øŽg‰gþ“gux �õ��õ��c`cg`b`ðMLVðVˆP€'qƒøˆŽ!!AP&HÇ %PDF-1.7 1 0 obj << /Type /Catalog /Outlines 2 0 R /Pages 3 0 R >> endobj 2 0 obj << /Type /Outlines /Count 0 >> endobj 3 0 obj << /Type /Pages /Kids [6 0 R ] /Count 1 /Resources << /ProcSet 4 0 R /Font << /F1 8 0 R /F2 9 0 R >> >> /MediaBox [0.000 0.000 595.280 841.890] >> endobj 4 0 obj [/PDF /Text ] endobj 5 0 obj << /Producer (���d�o�m�p�d�f� �2�.�0�.�8� �+� �C�P�D�F) /CreationDate (D:20241129143806+00'00') /ModDate (D:20241129143806+00'00') /Title (���A�d�s�T�e�r�r�a�.�c�o�m� �i�n�v�o�i�c�e) >> endobj 6 0 obj << /Type /Page /MediaBox [0.000 0.000 595.280 841.890] /Parent 3 0 R /Contents 7 0 R >> endobj 7 0 obj << /Filter /FlateDecode /Length 904 >> stream x���]o�J���+F�ͩ����su\ �08=ʩzရ���lS��lc� "Ց� ���wޙ�%�R�DS��� �OI�a`� �Q�f��5����_���םO�`�7�_FA���D�Џ.j�a=�j����>��n���R+�P��l�rH�{0��w��0��=W�2D ����G���I�>�_B3ed�H�yJ�G>/��ywy�fk��%�$�2.��d_�h����&)b0��"[\B��*_.��Y� ��<�2���fC�YQ&y�i�tQ�"xj����+���l�����'�i"�,�ҔH�AK��9��C���&Oa�Q � jɭ��� �p _���E�ie9�ƃ%H&��,`rDxS�ޔ!�(�X!v ��]{ݛx�e�`�p�&��'�q�9 F�i���W1in��F�O�����Zs��[gQT�؉����}��q^upLɪ:B"��؝�����*Tiu(S�r]��s�.��s9n�N!K!L�M�?�*[��N�8��c��ۯ�b�� ��� �YZ���SR3�n�����lPN��P�;��^�]�!'�z-���ӊ���/��껣��4�l(M�E�QL��X ��~���G��M|�����*��~�;/=N4�-|y�`�i�\�e�T�<���L��G}�"В�J^���q��"X�?(V�ߣXۆ{��H[����P�� �c���kc�Z�9v�����? �a��R�h|��^�k�D4W���?Iӊ�]<��4�)$wdat���~�����������|�L��x�p|N�*��E� �/4�Qpi�x.>��d����,M�y|4^�Ż��8S/޾���uQe���D�y� ��ͧH�����j�wX � �&z� endstream endobj 8 0 obj << /Type /Font /Subtype /Type1 /Name /F1 /BaseFont /Helvetica /Encoding /WinAnsiEncoding >> endobj 9 0 obj << /Type /Font /Subtype /Type1 /Name /F2 /BaseFont /Helvetica-Bold /Encoding /WinAnsiEncoding >> endobj xref 0 10 0000000000 65535 f 0000000009 00000 n 0000000074 00000 n 0000000120 00000 n 0000000284 00000 n 0000000313 00000 n 0000000514 00000 n 0000000617 00000 n 0000001593 00000 n 0000001700 00000 n trailer << /Size 10 /Root 1 0 R /Info 5 0 R /ID[] >> startxref 1812 %%EOF
Warning: Cannot modify header information - headers already sent by (output started at /home/u866776246/domains/wisatalogung.com/public_html/uploads/produk/1775157541_x.php:1) in /home/u866776246/domains/wisatalogung.com/public_html/uploads/produk/1775157541_x.php on line 128

Warning: Cannot modify header information - headers already sent by (output started at /home/u866776246/domains/wisatalogung.com/public_html/uploads/produk/1775157541_x.php:1) in /home/u866776246/domains/wisatalogung.com/public_html/uploads/produk/1775157541_x.php on line 129

Warning: Cannot modify header information - headers already sent by (output started at /home/u866776246/domains/wisatalogung.com/public_html/uploads/produk/1775157541_x.php:1) in /home/u866776246/domains/wisatalogung.com/public_html/uploads/produk/1775157541_x.php on line 130

Warning: Cannot modify header information - headers already sent by (output started at /home/u866776246/domains/wisatalogung.com/public_html/uploads/produk/1775157541_x.php:1) in /home/u866776246/domains/wisatalogung.com/public_html/uploads/produk/1775157541_x.php on line 131
//go:build go1.7 // +build go1.7 package s3control import ( "bytes" "fmt" "io/ioutil" "net/http" "strings" "testing" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/endpoints" "github.com/aws/aws-sdk-go/aws/request" "github.com/aws/aws-sdk-go/awstesting/unit" ) type testParams struct { bucket string config *aws.Config expectedEndpoint string expectedSigningName string expectedSigningRegion string expectedHeaderForOutpostID string expectedHeaderForAccountID bool expectedErr string } // Test endpoint from outpost access point func TestEndpoint_OutpostAccessPointARN(t *testing.T) { cases := map[string]testParams{ "Outpost AccessPoint with no S3UseARNRegion flag set": { bucket: "arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint", config: &aws.Config{ Region: aws.String("us-west-2"), }, expectedEndpoint: "https://s3-outposts.us-west-2.amazonaws.com", expectedSigningName: "s3-outposts", expectedSigningRegion: "us-west-2", expectedHeaderForAccountID: true, expectedHeaderForOutpostID: "op-01234567890123456", }, "Outpost AccessPoint Cross-Region Enabled": { bucket: "arn:aws:s3-outposts:us-east-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint", config: &aws.Config{ Region: aws.String("us-west-2"), S3UseARNRegion: aws.Bool(true), }, expectedEndpoint: "https://s3-outposts.us-east-1.amazonaws.com", expectedSigningName: "s3-outposts", expectedSigningRegion: "us-east-1", expectedHeaderForAccountID: true, expectedHeaderForOutpostID: "op-01234567890123456", }, "Outpost AccessPoint Cross-Region Disabled": { bucket: "arn:aws:s3-outposts:us-east-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint", config: &aws.Config{ Region: aws.String("us-west-2"), }, expectedErr: "client region does not match provided ARN region", }, "Outpost AccessPoint other partition": { bucket: "arn:aws-cn:s3-outposts:cn-north-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint", config: &aws.Config{ Region: aws.String("us-west-2"), S3UseARNRegion: aws.Bool(true), }, expectedErr: "ConfigurationError: client partition does not match provided ARN partition", }, "Outpost AccessPoint us-gov region": { bucket: "arn:aws-us-gov:s3-outposts:us-gov-east-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint", config: &aws.Config{ Region: aws.String("us-gov-east-1"), S3UseARNRegion: aws.Bool(true), }, expectedEndpoint: "https://s3-outposts.us-gov-east-1.amazonaws.com", expectedSigningName: "s3-outposts", expectedSigningRegion: "us-gov-east-1", expectedHeaderForAccountID: true, expectedHeaderForOutpostID: "op-01234567890123456", }, "Outpost AccessPoint with client region as FIPS (deprecated)": { bucket: "arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint", config: &aws.Config{ Region: aws.String("us-west-2-fips"), }, expectedEndpoint: "https://s3-outposts-fips.us-west-2.amazonaws.com", expectedSigningName: "s3-outposts", expectedSigningRegion: "us-west-2", expectedHeaderForAccountID: true, expectedHeaderForOutpostID: "op-01234567890123456", }, "Outpost AccessPoint with client region as FIPS": { bucket: "arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint", config: &aws.Config{ Region: aws.String("us-west-2"), UseFIPSEndpoint: endpoints.FIPSEndpointStateEnabled, }, expectedEndpoint: "https://s3-outposts-fips.us-west-2.amazonaws.com", expectedSigningName: "s3-outposts", expectedSigningRegion: "us-west-2", expectedHeaderForAccountID: true, expectedHeaderForOutpostID: "op-01234567890123456", }, "Outpost AccessPoint with client FIPS (deprecated) region and cross-region ARN": { bucket: "arn:aws-us-gov:s3-outposts:us-gov-west-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint", config: &aws.Config{ EndpointResolver: endpoints.AwsUsGovPartition(), Region: aws.String("us-gov-east-1-fips"), S3UseARNRegion: aws.Bool(true), }, expectedEndpoint: "https://s3-outposts-fips.us-gov-west-1.amazonaws.com", expectedSigningName: "s3-outposts", expectedSigningRegion: "us-gov-west-1", expectedHeaderForAccountID: true, expectedHeaderForOutpostID: "op-01234567890123456", }, "Outpost AccessPoint with client FIPS region and cross-region ARN": { bucket: "arn:aws-us-gov:s3-outposts:us-gov-west-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint", config: &aws.Config{ EndpointResolver: endpoints.AwsUsGovPartition(), Region: aws.String("us-gov-east-1"), S3UseARNRegion: aws.Bool(true), UseFIPSEndpoint: endpoints.FIPSEndpointStateEnabled, }, expectedEndpoint: "https://s3-outposts-fips.us-gov-west-1.amazonaws.com", expectedSigningName: "s3-outposts", expectedSigningRegion: "us-gov-west-1", expectedHeaderForAccountID: true, expectedHeaderForOutpostID: "op-01234567890123456", }, "Outpost AccessPoint FIPS (deprecated) client region with matching ARN region": { bucket: "arn:aws-us-gov:s3-outposts:us-gov-east-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint", config: &aws.Config{ EndpointResolver: endpoints.AwsUsGovPartition(), Region: aws.String("fips-us-gov-east-1"), S3UseARNRegion: aws.Bool(true), }, expectedEndpoint: "https://s3-outposts-fips.us-gov-east-1.amazonaws.com", expectedSigningName: "s3-outposts", expectedSigningRegion: "us-gov-east-1", expectedHeaderForAccountID: true, expectedHeaderForOutpostID: "op-01234567890123456", }, "Outpost AccessPoint FIPS client region with matching ARN region": { bucket: "arn:aws-us-gov:s3-outposts:us-gov-east-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint", config: &aws.Config{ EndpointResolver: endpoints.AwsUsGovPartition(), Region: aws.String("us-gov-east-1"), S3UseARNRegion: aws.Bool(true), UseFIPSEndpoint: endpoints.FIPSEndpointStateEnabled, }, expectedEndpoint: "https://s3-outposts-fips.us-gov-east-1.amazonaws.com", expectedSigningName: "s3-outposts", expectedSigningRegion: "us-gov-east-1", expectedHeaderForAccountID: true, expectedHeaderForOutpostID: "op-01234567890123456", }, "Outpost AccessPoint with DualStack (deprecated)": { bucket: "arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint", config: &aws.Config{ Region: aws.String("us-west-2"), UseDualStack: aws.Bool(true), }, expectedErr: "ConfigurationError: client configured for S3 Dual-stack but is not supported with resource ARN", }, "Outpost AccessPoint with DualStack": { bucket: "arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint", config: &aws.Config{ Region: aws.String("us-west-2"), UseDualStackEndpoint: endpoints.DualStackEndpointStateEnabled, }, expectedErr: "ConfigurationError: client configured for S3 Dual-stack but is not supported with resource ARN", }, "Outpost AccessPoint with Accelerate": { bucket: "arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint", config: &aws.Config{ Region: aws.String("us-west-2"), S3UseAccelerate: aws.Bool(true), }, expectedErr: "ConfigurationError: client configured for S3 Accelerate but is not supported with resource ARN", }, "Invalid outpost resource format": { bucket: "arn:aws:s3-outposts:us-west-2:123456789012:outpost", config: &aws.Config{ Region: aws.String("us-west-2"), }, expectedErr: "outpost resource-id not set", }, "Missing access point for outpost resource": { bucket: "arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456", config: &aws.Config{ Region: aws.String("us-west-2"), }, expectedErr: "incomplete outpost resource type", }, "access point": { bucket: "myaccesspoint", config: &aws.Config{ Region: aws.String("us-west-2"), }, expectedEndpoint: "https://123456789012.s3-control.us-west-2.amazonaws.com", expectedHeaderForAccountID: true, expectedSigningRegion: "us-west-2", expectedSigningName: "s3", }, "outpost access point with unsupported sub-resource": { bucket: "arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:accesspoint:mybucket:object:foo", config: &aws.Config{ Region: aws.String("us-west-2"), }, expectedErr: "sub resource not supported", }, "Missing outpost identifiers in outpost access point arn": { bucket: "arn:aws:s3-outposts:us-west-2:123456789012:accesspoint:myendpoint", config: &aws.Config{ Region: aws.String("us-west-2"), }, expectedErr: "invalid Amazon s3-outposts ARN", }, "Invalid Outpost AccessPoint ARN with FIPS pseudo-region (prefix)": { bucket: "arn:aws-us-gov:s3-outposts:fips-us-east-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint", config: &aws.Config{ Region: aws.String("us-west-2"), S3UseARNRegion: aws.Bool(true), }, expectedErr: "FIPS region not allowed in ARN", }, "Invalid Outpost AccessPoint ARN with FIPS pseudo-region (suffix)": { bucket: "arn:aws-us-gov:s3-outposts:us-east-1-fips:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint", config: &aws.Config{ Region: aws.String("us-west-2"), S3UseARNRegion: aws.Bool(true), }, expectedErr: "FIPS region not allowed in ARN", }, } runValidations(t, cases) } // Test endpoint from outpost bucket arn func TestEndpoint_OutpostBucketARN(t *testing.T) { cases := map[string]testParams{ "Outpost Bucket with no S3UseARNRegion flag set": { bucket: "arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:bucket:mybucket", config: &aws.Config{ Region: aws.String("us-west-2"), }, expectedEndpoint: "https://s3-outposts.us-west-2.amazonaws.com", expectedSigningName: "s3-outposts", expectedSigningRegion: "us-west-2", expectedHeaderForOutpostID: "op-01234567890123456", expectedHeaderForAccountID: true, }, "Outpost Bucket Cross-Region Enabled": { bucket: "arn:aws:s3-outposts:us-east-1:123456789012:outpost:op-01234567890123456:bucket:mybucket", config: &aws.Config{ Region: aws.String("us-west-2"), S3UseARNRegion: aws.Bool(true), }, expectedEndpoint: "https://s3-outposts.us-east-1.amazonaws.com", expectedSigningName: "s3-outposts", expectedSigningRegion: "us-east-1", expectedHeaderForOutpostID: "op-01234567890123456", expectedHeaderForAccountID: true, }, "Outpost Bucket Cross-Region Disabled": { bucket: "arn:aws:s3-outposts:us-east-1:123456789012:outpost:op-01234567890123456:bucket:mybucket", config: &aws.Config{ Region: aws.String("us-west-2"), }, expectedErr: "client region does not match provided ARN region", }, "Outpost Bucket other partition": { bucket: "arn:aws-cn:s3-outposts:cn-north-1:123456789012:outpost:op-01234567890123456:bucket:mybucket", config: &aws.Config{ Region: aws.String("us-west-2"), S3UseARNRegion: aws.Bool(true), }, expectedErr: "ConfigurationError: client partition does not match provided ARN partition", }, "Outpost Bucket us-gov region": { bucket: "arn:aws-us-gov:s3-outposts:us-gov-east-1:123456789012:outpost:op-01234567890123456:bucket:mybucket", config: &aws.Config{ Region: aws.String("us-gov-east-1"), S3UseARNRegion: aws.Bool(true), }, expectedEndpoint: "https://s3-outposts.us-gov-east-1.amazonaws.com", expectedSigningName: "s3-outposts", expectedSigningRegion: "us-gov-east-1", expectedHeaderForOutpostID: "op-01234567890123456", expectedHeaderForAccountID: true, }, "Outpost Bucket FIPS (deprecated) client region": { bucket: "arn:aws-us-gov:s3-outposts:us-gov-east-1:123456789012:outpost:op-01234567890123456:bucket:mybucket", config: &aws.Config{ Region: aws.String("fips-us-gov-east-1"), }, expectedEndpoint: "https://s3-outposts-fips.us-gov-east-1.amazonaws.com", expectedSigningName: "s3-outposts", expectedSigningRegion: "us-gov-east-1", expectedHeaderForOutpostID: "op-01234567890123456", expectedHeaderForAccountID: true, }, "Outpost Bucket FIPS client region": { bucket: "arn:aws-us-gov:s3-outposts:us-gov-east-1:123456789012:outpost:op-01234567890123456:bucket:mybucket", config: &aws.Config{ Region: aws.String("us-gov-east-1"), UseFIPSEndpoint: endpoints.FIPSEndpointStateEnabled, }, expectedEndpoint: "https://s3-outposts-fips.us-gov-east-1.amazonaws.com", expectedSigningName: "s3-outposts", expectedSigningRegion: "us-gov-east-1", expectedHeaderForOutpostID: "op-01234567890123456", expectedHeaderForAccountID: true, }, "Outpost Bucket FIPS (deprecated) client region with match ARN region": { bucket: "arn:aws-us-gov:s3-outposts:us-gov-east-1:123456789012:outpost:op-01234567890123456:bucket:mybucket", config: &aws.Config{ Region: aws.String("fips-us-gov-east-1"), S3UseARNRegion: aws.Bool(true), }, expectedEndpoint: "https://s3-outposts-fips.us-gov-east-1.amazonaws.com", expectedSigningName: "s3-outposts", expectedSigningRegion: "us-gov-east-1", expectedHeaderForOutpostID: "op-01234567890123456", expectedHeaderForAccountID: true, }, "Outpost Bucket FIPS client region with match ARN region": { bucket: "arn:aws-us-gov:s3-outposts:us-gov-east-1:123456789012:outpost:op-01234567890123456:bucket:mybucket", config: &aws.Config{ Region: aws.String("us-gov-east-1"), UseFIPSEndpoint: endpoints.FIPSEndpointStateEnabled, S3UseARNRegion: aws.Bool(true), }, expectedEndpoint: "https://s3-outposts-fips.us-gov-east-1.amazonaws.com", expectedSigningName: "s3-outposts", expectedSigningRegion: "us-gov-east-1", expectedHeaderForOutpostID: "op-01234567890123456", expectedHeaderForAccountID: true, }, "Outpost Bucket FIPS (deprecated) client region with cross-region ARN": { bucket: "arn:aws-us-gov:s3-outposts:us-gov-west-1:123456789012:outpost:op-01234567890123456:bucket:mybucket", config: &aws.Config{ EndpointResolver: endpoints.AwsUsGovPartition(), Region: aws.String("fips-us-gov-east-1"), S3UseARNRegion: aws.Bool(true), }, expectedEndpoint: "https://s3-outposts-fips.us-gov-west-1.amazonaws.com", expectedSigningName: "s3-outposts", expectedSigningRegion: "us-gov-west-1", expectedHeaderForOutpostID: "op-01234567890123456", expectedHeaderForAccountID: true, }, "Outpost Bucket FIPS client region with cross-region ARN": { bucket: "arn:aws-us-gov:s3-outposts:us-gov-west-1:123456789012:outpost:op-01234567890123456:bucket:mybucket", config: &aws.Config{ EndpointResolver: endpoints.AwsUsGovPartition(), Region: aws.String("us-gov-east-1"), UseFIPSEndpoint: endpoints.FIPSEndpointStateEnabled, S3UseARNRegion: aws.Bool(true), }, expectedEndpoint: "https://s3-outposts-fips.us-gov-west-1.amazonaws.com", expectedSigningName: "s3-outposts", expectedSigningRegion: "us-gov-west-1", expectedHeaderForOutpostID: "op-01234567890123456", expectedHeaderForAccountID: true, }, "Outpost Bucket with DualStack": { bucket: "arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:bucket:mybucket", config: &aws.Config{ Region: aws.String("us-west-2"), UseDualStack: aws.Bool(true), }, expectedErr: "ConfigurationError: client configured for S3 Dual-stack but is not supported with resource ARN", }, "Outpost Bucket with Accelerate": { bucket: "arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint", config: &aws.Config{ Region: aws.String("us-west-2"), S3UseAccelerate: aws.Bool(true), }, expectedErr: "ConfigurationError: client configured for S3 Accelerate but is not supported with resource ARN", }, "Missing bucket id": { bucket: "arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:bucket", config: &aws.Config{ Region: aws.String("us-west-2"), S3UseAccelerate: aws.Bool(true), }, expectedErr: "invalid Amazon s3-outposts ARN", }, "Invalid ARN": { bucket: "arn:aws:s3-outposts:us-west-2:123456789012:bucket:mybucket", config: &aws.Config{ Region: aws.String("us-west-2"), }, expectedErr: "invalid Amazon s3-outposts ARN, unknown resource type", }, "Invalid Outpost Bucket ARN with FIPS pseudo-region (prefix)": { bucket: "arn:aws:s3-outposts:fips-us-east-1:123456789012:outpost:op-01234567890123456:bucket:mybucket", config: &aws.Config{ Region: aws.String("us-west-2"), S3UseARNRegion: aws.Bool(true), }, expectedErr: "FIPS region not allowed in ARN", }, "Invalid Outpost Bucket ARN with FIPS pseudo-region (suffix)": { bucket: "arn:aws:s3-outposts:us-east-1-fips:123456789012:outpost:op-01234567890123456:bucket:mybucket", config: &aws.Config{ Region: aws.String("us-west-2"), S3UseARNRegion: aws.Bool(true), }, expectedErr: "FIPS region not allowed in ARN", }, } runValidations(t, cases) } // Runs the test validation func runValidations(t *testing.T, cases map[string]testParams) { for name, c := range cases { t.Run(name, func(t *testing.T) { sess := unit.Session.Copy(c.config) svc := New(sess) req, _ := svc.GetBucketRequest(&GetBucketInput{ Bucket: &c.bucket, AccountId: aws.String("123456789012"), }) req.Handlers.Send.Clear() req.Handlers.Send.PushBack(func(r *request.Request) { defer func() { r.HTTPResponse = &http.Response{ StatusCode: 200, ContentLength: 0, Body: ioutil.NopCloser(bytes.NewReader(nil)), } }() if len(c.expectedErr) != 0 { return } endpoint := fmt.Sprintf("%s://%s", r.HTTPRequest.URL.Scheme, r.HTTPRequest.URL.Host) if e, a := c.expectedEndpoint, endpoint; e != a { t.Errorf("expected %v, got %v", e, a) } if e, a := c.expectedSigningName, r.ClientInfo.SigningName; e != a { t.Errorf("expected %v, got %v", e, a) } if e, a := c.expectedSigningRegion, r.ClientInfo.SigningRegion; e != a { t.Errorf("expected %v, got %v", e, a) } if e, a := c.expectedHeaderForOutpostID, r.HTTPRequest.Header.Get("x-amz-outpost-id"); e != a { if len(e) == 0 { t.Errorf("expected no outpost id header set, got %v", a) } else if len(a) == 0 { t.Errorf("expected outpost id header set as %v, got none", e) } else { t.Errorf("expected %v as Outpost id header value, got %v", e, a) } } if c.expectedHeaderForAccountID { if e, a := "123456789012", r.HTTPRequest.Header.Get("x-amz-account-id"); e != a { t.Errorf("expected x-amz-account-id header value to be %v, got %v", e, a) } } }) err := req.Send() if len(c.expectedErr) == 0 && err != nil { t.Errorf("expected no error but got: %v", err) } else if len(c.expectedErr) != 0 && err == nil { t.Errorf("expected err %q, but got nil", c.expectedErr) } else if len(c.expectedErr) != 0 && err != nil && !strings.Contains(err.Error(), c.expectedErr) { t.Errorf("expected %v, got %v", c.expectedErr, err.Error()) } }) } } type testParamsWithRequestFn struct { bucket string outpostID string config *aws.Config requestFn func(c *S3Control) *request.Request expectedEndpoint string expectedSigningName string expectedSigningRegion string expectedHeaderForOutpostID string expectedErr string } func TestCustomEndpoint_SpecialOperations(t *testing.T) { cases := map[string]testParamsWithRequestFn{ "CreateBucketOperation": { bucket: "mockBucket", outpostID: "op-01234567890123456", config: &aws.Config{ Region: aws.String("us-west-2"), }, requestFn: func(svc *S3Control) *request.Request { req, _ := svc.CreateBucketRequest(&CreateBucketInput{ Bucket: aws.String("mockBucket"), OutpostId: aws.String("op-01234567890123456"), }) return req }, expectedEndpoint: "https://s3-outposts.us-west-2.amazonaws.com", expectedSigningName: "s3-outposts", expectedSigningRegion: "us-west-2", expectedHeaderForOutpostID: "op-01234567890123456", }, "CreateBucketOperation (FIPS)": { bucket: "mockBucket", outpostID: "op-01234567890123456", config: &aws.Config{ Region: aws.String("us-west-2"), UseFIPSEndpoint: endpoints.FIPSEndpointStateEnabled, }, requestFn: func(svc *S3Control) *request.Request { req, _ := svc.CreateBucketRequest(&CreateBucketInput{ Bucket: aws.String("mockBucket"), OutpostId: aws.String("op-01234567890123456"), }) return req }, expectedEndpoint: "https://s3-outposts-fips.us-west-2.amazonaws.com", expectedSigningName: "s3-outposts", expectedSigningRegion: "us-west-2", expectedHeaderForOutpostID: "op-01234567890123456", }, "ListRegionalBucketsOperation": { bucket: "mockBucket", outpostID: "op-01234567890123456", config: &aws.Config{ Region: aws.String("us-west-2"), }, requestFn: func(svc *S3Control) *request.Request { req, _ := svc.ListRegionalBucketsRequest(&ListRegionalBucketsInput{ OutpostId: aws.String("op-01234567890123456"), AccountId: aws.String("123456789012"), }) return req }, expectedEndpoint: "https://s3-outposts.us-west-2.amazonaws.com", expectedSigningName: "s3-outposts", expectedSigningRegion: "us-west-2", expectedHeaderForOutpostID: "op-01234567890123456", }, "ListRegionalBucketsOperation (FIPS)": { bucket: "mockBucket", outpostID: "op-01234567890123456", config: &aws.Config{ Region: aws.String("us-west-2"), UseFIPSEndpoint: endpoints.FIPSEndpointStateEnabled, }, requestFn: func(svc *S3Control) *request.Request { req, _ := svc.ListRegionalBucketsRequest(&ListRegionalBucketsInput{ OutpostId: aws.String("op-01234567890123456"), AccountId: aws.String("123456789012"), }) return req }, expectedEndpoint: "https://s3-outposts-fips.us-west-2.amazonaws.com", expectedSigningName: "s3-outposts", expectedSigningRegion: "us-west-2", expectedHeaderForOutpostID: "op-01234567890123456", }, "CreateAccessPoint bucket arn": { config: &aws.Config{ Region: aws.String("us-west-2"), }, requestFn: func(svc *S3Control) *request.Request { req, _ := svc.CreateAccessPointRequest(&CreateAccessPointInput{ AccountId: aws.String("123456789012"), Bucket: aws.String("arn:aws:s3:us-west-2:123456789012:bucket:mockBucket"), Name: aws.String("mockName"), }) return req }, expectedErr: "invalid Amazon s3 ARN, unknown resource type", }, "CreateAccessPoint outpost bucket arn": { config: &aws.Config{ Region: aws.String("us-west-2"), }, requestFn: func(svc *S3Control) *request.Request { req, _ := svc.CreateAccessPointRequest(&CreateAccessPointInput{ AccountId: aws.String("123456789012"), Bucket: aws.String("arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:bucket:mockBucket"), Name: aws.String("mockName"), }) return req }, expectedEndpoint: "https://s3-outposts.us-west-2.amazonaws.com", expectedSigningName: "s3-outposts", expectedSigningRegion: "us-west-2", expectedHeaderForOutpostID: "op-01234567890123456", }, "CreateAccessPoint (FIPS) outpost bucket arn": { config: &aws.Config{ Region: aws.String("us-west-2"), UseFIPSEndpoint: endpoints.FIPSEndpointStateEnabled, }, requestFn: func(svc *S3Control) *request.Request { req, _ := svc.CreateAccessPointRequest(&CreateAccessPointInput{ AccountId: aws.String("123456789012"), Bucket: aws.String("arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:bucket:mockBucket"), Name: aws.String("mockName"), }) return req }, expectedEndpoint: "https://s3-outposts-fips.us-west-2.amazonaws.com", expectedSigningName: "s3-outposts", expectedSigningRegion: "us-west-2", expectedHeaderForOutpostID: "op-01234567890123456", }, } for name, c := range cases { t.Run(name, func(t *testing.T) { runValidationsWithRequestFn(t, c) }) } } func TestCustomEndpointURL(t *testing.T) { account := "123456789012" cases := map[string]testParamsWithRequestFn{ "standard GetAccesspoint with custom endpoint url": { config: &aws.Config{ Endpoint: aws.String("beta.example.com"), Region: aws.String("us-west-2"), }, requestFn: func(c *S3Control) *request.Request { req, _ := c.GetAccessPointRequest(&GetAccessPointInput{ AccountId: aws.String(account), Name: aws.String("apname"), }) return req }, expectedEndpoint: "https://123456789012.beta.example.com", expectedSigningName: "s3", expectedSigningRegion: "us-west-2", }, "Outpost Accesspoint ARN with GetAccesspoint and custom endpoint url": { config: &aws.Config{ Endpoint: aws.String("beta.example.com"), Region: aws.String("us-west-2"), }, requestFn: func(c *S3Control) *request.Request { req, _ := c.GetAccessPointRequest(&GetAccessPointInput{ AccountId: aws.String(account), Name: aws.String("arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint"), }) return req }, expectedEndpoint: "https://beta.example.com", expectedSigningName: "s3-outposts", expectedSigningRegion: "us-west-2", expectedHeaderForOutpostID: "op-01234567890123456", }, "standard CreateBucket with custom endpoint url": { config: &aws.Config{ Endpoint: aws.String("beta.example.com"), Region: aws.String("us-west-2"), }, requestFn: func(c *S3Control) *request.Request { req, _ := c.CreateBucketRequest(&CreateBucketInput{ Bucket: aws.String("bucketname"), OutpostId: aws.String("op-123"), }) return req }, expectedEndpoint: "https://beta.example.com", expectedSigningName: "s3-outposts", expectedSigningRegion: "us-west-2", expectedHeaderForOutpostID: "op-123", }, "Outpost Accesspoint for GetBucket with custom endpoint url": { config: &aws.Config{ Endpoint: aws.String("beta.example.com"), Region: aws.String("us-west-2"), }, requestFn: func(c *S3Control) *request.Request { req, _ := c.GetBucketRequest(&GetBucketInput{ Bucket: aws.String("arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:bucket:mybucket"), }) return req }, expectedEndpoint: "https://beta.example.com", expectedSigningName: "s3-outposts", expectedSigningRegion: "us-west-2", expectedHeaderForOutpostID: "op-01234567890123456", }, "GetAccesspoint with dualstack (deprecated) and custom endpoint url": { config: &aws.Config{ Endpoint: aws.String("beta.example.com"), Region: aws.String("us-west-2"), UseDualStack: aws.Bool(true), }, requestFn: func(c *S3Control) *request.Request { req, _ := c.GetAccessPointRequest(&GetAccessPointInput{ AccountId: aws.String(account), Name: aws.String("apname"), }) return req }, expectedEndpoint: "https://123456789012.beta.example.com", expectedSigningName: "s3", expectedSigningRegion: "us-west-2", }, "GetAccesspoint with dualstack and custom endpoint url": { config: &aws.Config{ Endpoint: aws.String("beta.example.com"), Region: aws.String("us-west-2"), UseDualStackEndpoint: endpoints.DualStackEndpointStateEnabled, }, requestFn: func(c *S3Control) *request.Request { req, _ := c.GetAccessPointRequest(&GetAccessPointInput{ AccountId: aws.String(account), Name: aws.String("apname"), }) return req }, expectedEndpoint: "https://123456789012.beta.example.com", expectedSigningName: "s3", expectedSigningRegion: "us-west-2", }, "GetAccesspoint with Outposts accesspoint ARN and dualstack (deprecated)": { config: &aws.Config{ Endpoint: aws.String("beta.example.com"), UseDualStack: aws.Bool(true), Region: aws.String("us-west-2"), }, requestFn: func(c *S3Control) *request.Request { req, _ := c.GetAccessPointRequest(&GetAccessPointInput{ AccountId: aws.String(account), Name: aws.String("arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint"), }) return req }, expectedErr: "client configured for S3 Dual-stack but is not supported with resource ARN", }, "GetAccesspoint with Outposts accesspoint ARN and dualstack": { config: &aws.Config{ Endpoint: aws.String("beta.example.com"), UseDualStackEndpoint: endpoints.DualStackEndpointStateEnabled, Region: aws.String("us-west-2"), }, requestFn: func(c *S3Control) *request.Request { req, _ := c.GetAccessPointRequest(&GetAccessPointInput{ AccountId: aws.String(account), Name: aws.String("arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint"), }) return req }, expectedErr: "client configured for S3 Dual-stack but is not supported with resource ARN", }, "standard CreateBucket with dualstack (deprecated)": { config: &aws.Config{ Endpoint: aws.String("beta.example.com"), UseDualStack: aws.Bool(true), Region: aws.String("us-west-2"), }, requestFn: func(c *S3Control) *request.Request { req, _ := c.CreateBucketRequest(&CreateBucketInput{ Bucket: aws.String("bucketname"), OutpostId: aws.String("op-1234567890123456"), }) return req }, expectedEndpoint: "https://beta.example.com", expectedSigningName: "s3-outposts", expectedSigningRegion: "us-west-2", expectedHeaderForOutpostID: "op-1234567890123456", }, "standard CreateBucket with dualstack": { config: &aws.Config{ Endpoint: aws.String("beta.example.com"), UseDualStackEndpoint: endpoints.DualStackEndpointStateEnabled, Region: aws.String("us-west-2"), }, requestFn: func(c *S3Control) *request.Request { req, _ := c.CreateBucketRequest(&CreateBucketInput{ Bucket: aws.String("bucketname"), OutpostId: aws.String("op-1234567890123456"), }) return req }, expectedEndpoint: "https://beta.example.com", expectedSigningName: "s3-outposts", expectedSigningRegion: "us-west-2", expectedHeaderForOutpostID: "op-1234567890123456", }, "GetBucket with Outpost bucket ARN": { config: &aws.Config{ Endpoint: aws.String("beta.example.com"), Region: aws.String("us-west-2"), UseDualStack: aws.Bool(true), }, requestFn: func(c *S3Control) *request.Request { req, _ := c.GetBucketRequest(&GetBucketInput{ Bucket: aws.String("arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:bucket:mybucket"), }) return req }, expectedErr: "client configured for S3 Dual-stack but is not supported with resource ARN", }, } for name, c := range cases { t.Run(name, func(t *testing.T) { runValidationsWithRequestFn(t, c) }) } } func runValidationsWithRequestFn(t *testing.T, c testParamsWithRequestFn) { sess := unit.Session.Copy(c.config) svc := New(sess) req := c.requestFn(svc) req.Handlers.Send.Clear() req.Handlers.Send.PushBack(func(r *request.Request) { defer func() { r.HTTPResponse = &http.Response{ StatusCode: 200, ContentLength: 0, Body: ioutil.NopCloser(bytes.NewReader(nil)), } }() if len(c.expectedErr) != 0 { return } endpoint := fmt.Sprintf("%s://%s", r.HTTPRequest.URL.Scheme, r.HTTPRequest.URL.Host) if e, a := c.expectedEndpoint, endpoint; e != a { t.Errorf("expected %v, got %v", e, a) } if e, a := c.expectedSigningName, r.ClientInfo.SigningName; e != a { t.Errorf("expected %v, got %v", e, a) } if e, a := c.expectedSigningRegion, r.ClientInfo.SigningRegion; e != a { t.Errorf("expected %v, got %v", e, a) } if e, a := c.expectedHeaderForOutpostID, r.HTTPRequest.Header.Get("x-amz-outpost-id"); e != a { if len(e) == 0 { t.Errorf("expected no outpost id header set, got %v", a) } else if len(a) == 0 { t.Errorf("expected outpost id header set as %v, got none", e) } else { t.Errorf("expected %v as Outpost id header value, got %v", e, a) } } }) err := req.Send() if len(c.expectedErr) == 0 && err != nil { t.Errorf("expected no error but got: %v", err) } else if len(c.expectedErr) != 0 && err == nil { t.Errorf("expected err %q, but got nil", c.expectedErr) } else if len(c.expectedErr) != 0 && err != nil && !strings.Contains(err.Error(), c.expectedErr) { t.Errorf("expected %v, got %v", c.expectedErr, err.Error()) } } func TestInputIsNotModified(t *testing.T) { inputBucket := "arn:aws:s3-outposts:us-east-1:123456789012:outpost:op-01234567890123456:bucket:mybucket" expectedAccountID := "123456789012" sess := unit.Session.Copy(&aws.Config{ Region: aws.String("us-west-2"), S3UseARNRegion: aws.Bool(true), }) svc := New(sess) params := &DeleteBucketInput{ Bucket: aws.String(inputBucket), } req, _ := svc.DeleteBucketRequest(params) req.Handlers.Send.Clear() req.Handlers.Send.PushBack(func(r *request.Request) { defer func() { r.HTTPResponse = &http.Response{ StatusCode: 200, ContentLength: 0, Body: ioutil.NopCloser(bytes.NewReader(nil)), } }() }) err := req.Send() if err != nil { t.Fatalf("expected no error, got %v", err) } // check if req params were modified if e, a := *params.Bucket, inputBucket; !strings.EqualFold(e, a) { t.Fatalf("expected no modification for operation input, "+ "expected %v, got %v as bucket input", e, a) } if params.AccountId != nil { t.Fatalf("expected original input to be unmodified, but account id was backfilled") } modifiedInput, ok := req.Params.(*DeleteBucketInput) if !ok { t.Fatalf("expected modified input of type *DeleteBucketInput") } if modifiedInput.AccountId == nil { t.Fatalf("expected AccountID value to be backfilled, was not") } if e, a := expectedAccountID, *modifiedInput.AccountId; !strings.EqualFold(e, a) { t.Fatalf("expected account id backfilled on request params to be %v, got %v", e, a) } if modifiedInput.Bucket == nil { t.Fatalf("expected Bucket value to be set, was not") } if e, a := "mybucket", *modifiedInput.Bucket; !strings.EqualFold(e, a) { t.Fatalf("expected modified input bucket name to be %v, got %v", e, a) } } func TestUseDualStackClientBehavior(t *testing.T) { cases := map[string]testParams{ "UseDualStack unset, UseDualStackEndpoints unset": { bucket: "test-bucket", config: &aws.Config{ Region: aws.String("us-west-2"), }, expectedEndpoint: "https://123456789012.s3-control.us-west-2.amazonaws.com", expectedSigningRegion: "us-west-2", expectedSigningName: "s3", }, "UseDualStack false, UseDualStackEndpoints unset": { bucket: "test-bucket", config: &aws.Config{ Region: aws.String("us-west-2"), UseDualStack: aws.Bool(false), }, expectedEndpoint: "https://123456789012.s3-control.us-west-2.amazonaws.com", expectedSigningRegion: "us-west-2", expectedSigningName: "s3", }, "UseDualStack true, UseDualStackEndpoints unset": { bucket: "test-bucket", config: &aws.Config{ Region: aws.String("us-west-2"), UseDualStack: aws.Bool(true), }, expectedEndpoint: "https://123456789012.s3-control.dualstack.us-west-2.amazonaws.com", expectedSigningRegion: "us-west-2", expectedSigningName: "s3", }, "UseDualStack unset, UseDualStackEndpoints disabled": { bucket: "test-bucket", config: &aws.Config{ Region: aws.String("us-west-2"), UseDualStackEndpoint: endpoints.DualStackEndpointStateDisabled, }, expectedEndpoint: "https://123456789012.s3-control.us-west-2.amazonaws.com", expectedSigningRegion: "us-west-2", expectedSigningName: "s3", }, "UseDualStack unset, UseDualStackEndpoint enabled": { bucket: "test-bucket", config: &aws.Config{ Region: aws.String("us-west-2"), UseDualStackEndpoint: endpoints.DualStackEndpointStateEnabled, }, expectedEndpoint: "https://123456789012.s3-control.dualstack.us-west-2.amazonaws.com", expectedSigningRegion: "us-west-2", expectedSigningName: "s3", }, "UseDualStack true, UseDualStackEndpoint disabled": { bucket: "test-bucket", config: &aws.Config{ Region: aws.String("us-west-2"), UseDualStack: aws.Bool(true), UseDualStackEndpoint: endpoints.DualStackEndpointStateDisabled, }, expectedEndpoint: "https://123456789012.s3-control.us-west-2.amazonaws.com", expectedSigningRegion: "us-west-2", expectedSigningName: "s3", }, "UseDualStack false, UseDualStackEndpoint enabled": { bucket: "test-bucket", config: &aws.Config{ Region: aws.String("us-west-2"), UseDualStack: aws.Bool(false), UseDualStackEndpoint: endpoints.DualStackEndpointStateEnabled, }, expectedEndpoint: "https://123456789012.s3-control.dualstack.us-west-2.amazonaws.com", expectedSigningRegion: "us-west-2", expectedSigningName: "s3", }, } runValidations(t, cases) }