// Code generated by smithy-go-codegen DO NOT EDIT. package s3 import ( "context" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) // Applies an Amazon S3 bucket policy to an Amazon S3 bucket. If you are using an // identity other than the root user of the Amazon Web Services account that owns // the bucket, the calling identity must have the PutBucketPolicy permissions on // the specified bucket and belong to the bucket owner's account in order to use // this operation. If you don't have PutBucketPolicy permissions, Amazon S3 returns // a 403 Access Denied error. If you have the correct permissions, but you're not // using an identity that belongs to the bucket owner's account, Amazon S3 returns // a 405 Method Not Allowed error. As a security precaution, the root user of the // Amazon Web Services account that owns a bucket can always use this operation, // even if the policy explicitly denies the root user the ability to perform this // action. For more information, see Bucket policy examples // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html). // The following operations are related to PutBucketPolicy: // // * CreateBucket // (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) // // * // DeleteBucket // (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html) func (c *Client) PutBucketPolicy(ctx context.Context, params *PutBucketPolicyInput, optFns ...func(*Options)) (*PutBucketPolicyOutput, error) { if params == nil { params = &PutBucketPolicyInput{} } result, metadata, err := c.invokeOperation(ctx, "PutBucketPolicy", params, optFns, c.addOperationPutBucketPolicyMiddlewares) if err != nil { return nil, err } out := result.(*PutBucketPolicyOutput) out.ResultMetadata = metadata return out, nil } type PutBucketPolicyInput struct { // The name of the bucket. // // This member is required. Bucket *string // The bucket policy as a JSON document. // // This member is required. Policy *string // Set this parameter to true to confirm that you want to remove your permissions // to change this bucket policy in the future. ConfirmRemoveSelfBucketAccess bool // The MD5 hash of the request body. For requests made using the Amazon Web // Services Command Line Interface (CLI) or Amazon Web Services SDKs, this field is // calculated automatically. ContentMD5 *string // The account ID of the expected bucket owner. If the bucket is owned by a // different account, the request will fail with an HTTP 403 (Access Denied) error. ExpectedBucketOwner *string noSmithyDocumentSerde } type PutBucketPolicyOutput struct { // Metadata pertaining to the operation's result. ResultMetadata middleware.Metadata noSmithyDocumentSerde } func (c *Client) addOperationPutBucketPolicyMiddlewares(stack *middleware.Stack, options Options) (err error) { err = stack.Serialize.Add(&awsRestxml_serializeOpPutBucketPolicy{}, middleware.After) if err != nil { return err } err = stack.Deserialize.Add(&awsRestxml_deserializeOpPutBucketPolicy{}, middleware.After) if err != nil { return err } if err = addSetLoggerMiddleware(stack, options); err != nil { return err } if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { return err } if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { return err } if err = addResolveEndpointMiddleware(stack, options); err != nil { return err } if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { return err } if err = addRetryMiddlewares(stack, options); err != nil { return err } if err = addHTTPSignerV4Middleware(stack, options); err != nil { return err } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { return err } if err = addClientUserAgent(stack); err != nil { return err } if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { return err } if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { return err } if err = smithyhttp.AddContentChecksumMiddleware(stack); err != nil { return err } if err = addOpPutBucketPolicyValidationMiddleware(stack); err != nil { return err } if err = stack.Initialize.Add(newServiceMetadataMiddleware_opPutBucketPolicy(options.Region), middleware.Before); err != nil { return err } if err = addMetadataRetrieverMiddleware(stack); err != nil { return err } if err = addPutBucketPolicyUpdateEndpoint(stack, options); err != nil { return err } if err = addResponseErrorMiddleware(stack); err != nil { return err } if err = v4.AddContentSHA256HeaderMiddleware(stack); err != nil { return err } if err = disableAcceptEncodingGzip(stack); err != nil { return err } if err = addRequestResponseLogging(stack, options); err != nil { return err } return nil } func newServiceMetadataMiddleware_opPutBucketPolicy(region string) *awsmiddleware.RegisterServiceMetadata { return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, SigningName: "s3", OperationName: "PutBucketPolicy", } } // getPutBucketPolicyBucketMember returns a pointer to string denoting a provided // bucket member valueand a boolean indicating if the input has a modeled bucket // name, func getPutBucketPolicyBucketMember(input interface{}) (*string, bool) { in := input.(*PutBucketPolicyInput) if in.Bucket == nil { return nil, false } return in.Bucket, true } func addPutBucketPolicyUpdateEndpoint(stack *middleware.Stack, options Options) error { return s3cust.UpdateEndpoint(stack, s3cust.UpdateEndpointOptions{ Accessor: s3cust.UpdateEndpointParameterAccessor{ GetBucketFromInput: getPutBucketPolicyBucketMember, }, UsePathStyle: options.UsePathStyle, UseAccelerate: options.UseAccelerate, SupportsAccelerate: true, TargetS3ObjectLambda: false, EndpointResolver: options.EndpointResolver, EndpointResolverOptions: options.EndpointOptions, UseARNRegion: options.UseARNRegion, DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) }