1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
|
package main
import (
"context"
"flag"
"fmt"
"io/ioutil"
"log"
"time"
"github.com/aws/aws-sdk-go-v2/aws"
"github.com/aws/aws-sdk-go-v2/aws/arn"
"github.com/aws/aws-sdk-go-v2/config"
"github.com/aws/aws-sdk-go-v2/service/s3"
"github.com/aws/aws-sdk-go-v2/service/s3control"
)
const (
bucketName = "myBucketName"
accountID = "123456789012"
accessPoint = "accesspointname"
// vpcBucketEndpoint will be used by the SDK to resolve an endpoint, when making a call to
// access `bucket` data using s3 interface endpoint. This endpoint may be mutated by the SDK,
// as per the input provided to work with ARNs.
vpcBucketEndpoint = "https://bucket.vpce-0xxxxxxx-xxx8xxg.s3.us-west-2.vpce.amazonaws.com"
// vpcAccesspointEndpoint will be used by the SDK to resolve an endpoint, when making a call to
// access `access-point` data using s3 interface endpoint. This endpoint may be mutated by the SDK,
// as per the input provided to work with ARNs.
vpcAccesspointEndpoint = "https://accesspoint.vpce-0xxxxxxx-xxx8xxg.s3.us-west-2.vpce.amazonaws.com"
// vpcControlEndpoint will be used by the SDK to resolve an endpoint, when making a call to
// access `control` data using s3 interface endpoint. This endpoint may be mutated by the SDK,
// as per the input provided to work with ARNs.
vpcControlEndpoint = "https://control.vpce-0xxxxxxx-xxx8xxg.s3.us-west-2.vpce.amazonaws.com"
)
func main() {
if len(bucketName) == 0 {
flag.PrintDefaults()
log.Fatalf("invalid parameters, bucket name required")
}
// Load the SDK's configuration from environment and shared config, and
// create the client with this.
cfg, err := config.LoadDefaultConfig(context.TODO())
if err != nil {
log.Fatalf("failed to load SDK configuration, %v", err)
}
s3Client := s3.NewFromConfig(cfg)
s3controlClient := s3control.NewFromConfig(cfg)
// Create an S3 Bucket
fmt.Println("create s3 bucket")
setVPCBucketEndpoint := s3.WithEndpointResolver(s3.EndpointResolverFromURL(vpcBucketEndpoint))
createBucketParams := &s3.CreateBucketInput{
Bucket: aws.String(bucketName),
}
_, err = s3Client.CreateBucket(context.TODO(), createBucketParams, setVPCBucketEndpoint)
if err != nil {
panic(fmt.Errorf("failed to create bucket: %v", err))
}
// Wait for S3 Bucket to Exist
fmt.Println("wait for s3 bucket to exist")
waiter := s3.NewBucketExistsWaiter(s3Client)
err = waiter.Wait(context.TODO(), &s3.HeadBucketInput{
Bucket: aws.String(bucketName),
}, 120*time.Second)
if err != nil {
panic(fmt.Sprintf("bucket failed to materialize: %v", err))
}
// Create an Access Point referring to the bucket
fmt.Println("create an access point")
setVpcControlEndpoint := s3control.WithEndpointResolver(s3control.EndpointResolverFromURL(vpcControlEndpoint))
createAccesspointInput := &s3control.CreateAccessPointInput{
AccountId: aws.String(accountID),
Bucket: aws.String(bucketName),
Name: aws.String(accessPoint),
}
_, err = s3controlClient.CreateAccessPoint(context.TODO(), createAccesspointInput, setVpcControlEndpoint)
if err != nil {
panic(fmt.Sprintf("failed to create access point: %v", err))
}
// build an arn
apARN := arn.ARN{
Partition: "aws",
Service: "s3",
Region: cfg.Region,
AccountID: accountID,
Resource: "accesspoint/" + accessPoint,
}
// get object using access point ARN
fmt.Println("get object using access point")
setVPCAccesspointEndpoint := s3.WithEndpointResolver(s3.EndpointResolverFromURL(vpcAccesspointEndpoint))
getObjectInput := &s3.GetObjectInput{
Bucket: aws.String(apARN.String()),
Key: aws.String("somekey"),
}
getObjectOutput, err := s3Client.GetObject(context.TODO(), getObjectInput, setVPCAccesspointEndpoint)
if err != nil {
panic(fmt.Sprintf("failed get object request: %v", err))
}
_, err = ioutil.ReadAll(getObjectOutput.Body)
if err != nil {
panic(fmt.Sprintf("failed to read object body: %v", err))
}
}
|
