-
Notifications
You must be signed in to change notification settings - Fork 828
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
object_store: Add support for requester pays buckets #6768
Conversation
I also ran some manual testing locally to ensure it works end-to-end, but not sure if there's any place for them here #[tokio::test]
async fn test_get_request_payer() {
let client = AmazonS3Builder::new()
.with_access_key_id("REDACTED")
.with_secret_access_key("REDACTED")
.with_bucket_name("naip-visualization")
.with_region("us-west-2")
.with_request_payer(true)
.build()
.unwrap();
let resp = client.get(&"readme.txt".into()).await.unwrap();
let buf = resp.bytes().await.unwrap();
let s = String::from_utf8(buf.into()).unwrap();
dbg!(s);
} ran successfully and gave:
and #[tokio::test]
async fn test_signed_get_request_payer() {
let client = AmazonS3Builder::new()
.with_access_key_id("REDACTED")
.with_secret_access_key("REDACTED")
.with_bucket_name("naip-visualization")
.with_region("us-west-2")
.with_request_payer(true)
.build()
.unwrap();
let url = client
.signed_url(Method::GET, &"readme.txt".into(), Duration::from_secs(60))
.await
.unwrap();
dbg!(url.to_string());
} gave |
I don't think the CI failure is related to my changes. |
}; | ||
|
||
signer.authorize(&mut request, None); | ||
assert_eq!(request.headers().get(&AUTHORIZATION).unwrap(), "AWS4-HMAC-SHA256 Credential=AKIAIOSFODNN7EXAMPLE/20220806/us-east-1/ec2/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=a3c787a7ed37f7fdfbfd2d7056a3d7c9d85e6d52a2bfbec73793c0be6e7862d4") | ||
} | ||
|
||
#[test] | ||
fn test_sign_with_signed_payload_request_payer() { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👍
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just a minor question, otherwise looks good thank you
} | ||
|
||
static DATE_HEADER: HeaderName = HeaderName::from_static("x-amz-date"); | ||
static HASH_HEADER: HeaderName = HeaderName::from_static("x-amz-content-sha256"); | ||
static TOKEN_HEADER: HeaderName = HeaderName::from_static("x-amz-security-token"); | ||
static REQUEST_PAYER_HEADER: HeaderName = HeaderName::from_static("x-amz-request-payer"); | ||
static REQUEST_PAYER_HEADER_VALUE: HeaderValue = HeaderValue::from_static("requester"); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Are there other values for this header? Wondering if it should be an enumeration instead of a boolean?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No, this is the only value for the header: https://docs.aws.amazon.com/AmazonS3/latest/userguide/ObjectsinRequesterPaysBuckets.html
Which issue does this PR close?
Closes #6716.
Rationale for this change
Support for AWS S3 requester pays buckets. Open data is commonly provided through these buckets because it allows data providers to pay only for the cost of the data and not for the data egress.
What changes are included in this PR?
AmazonS3Builder::with_request_payer
config optionAwsAuthorizer
Are there any user-facing changes?
Addition of
AmazonS3Builder::with_request_payer