Skip to content

Commit

Permalink
Fix S3Control unit tests for outposts (#2192)
Browse files Browse the repository at this point in the history 
* fix unit tests

* previous commit reordered a test, which makes the PR diff harder to review. moved back to original order

* reordered tests

* remove typo
  • Loading branch information
@isaiahvita
isaiahvita authored Jul 18, 2023
1 parent 62a910d commit 2050bc3
Showing 1 changed file with 58 additions and 42 deletions.
100 changes: 58 additions & 42 deletions service/s3control/internal/customizations/update_endpoint_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -134,6 +134,7 @@ func TestEndpointWithARN(t *testing.T) {
cases := map[string]struct {
options s3control.Options
bucket string
accessPoint string
expectedErr string
expectedReqURL string
expectedSigningName string
Expand All @@ -142,163 +143,163 @@ func TestEndpointWithARN(t *testing.T) {
expectedHeaderForAccountID bool
}{
"Outpost AccessPoint with no S3UseARNRegion flag set": {
bucket: "arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint",
accessPoint: "arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint",
options: s3control.Options{
Region: "us-west-2",
},
expectedReqURL: "https://s3-outposts.us-west-2.amazonaws.com/v20180820/bucket/myaccesspoint",
expectedReqURL: "https://s3-outposts.us-west-2.amazonaws.com/v20180820/accesspoint/myaccesspoint",
expectedSigningName: "s3-outposts",
expectedSigningRegion: "us-west-2",
expectedHeaderForAccountID: true,
expectedHeaderForOutpostID: "op-01234567890123456",
},
"Outpost AccessPoint Cross-Region Enabled": {
bucket: "arn:aws:s3-outposts:us-east-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint",
accessPoint: "arn:aws:s3-outposts:us-east-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint",
options: s3control.Options{
Region: "us-west-2",
UseARNRegion: true,
},
expectedReqURL: "https://s3-outposts.us-east-1.amazonaws.com/v20180820/bucket/myaccesspoint",
expectedReqURL: "https://s3-outposts.us-east-1.amazonaws.com/v20180820/accesspoint/myaccesspoint",
expectedSigningName: "s3-outposts",
expectedSigningRegion: "us-east-1",
expectedHeaderForAccountID: true,
expectedHeaderForOutpostID: "op-01234567890123456",
},
"Outpost AccessPoint Cross-Region Disabled": {
bucket: "arn:aws:s3-outposts:us-east-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint",
accessPoint: "arn:aws:s3-outposts:us-east-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint",
options: s3control.Options{
Region: "us-west-2",
},
expectedErr: "client region does not match provided ARN region",
},
"Outpost AccessPoint other partition": {
bucket: "arn:aws-cn:s3-outposts:cn-north-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint",
accessPoint: "arn:aws-cn:s3-outposts:cn-north-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint",
options: s3control.Options{
Region: "us-west-2",
UseARNRegion: true,
},
expectedErr: "ConfigurationError : client partition does not match provided ARN partition",
},
"Outpost AccessPoint us-gov region": {
bucket: "arn:aws-us-gov:s3-outposts:us-gov-east-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint",
accessPoint: "arn:aws-us-gov:s3-outposts:us-gov-east-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint",
options: s3control.Options{
Region: "us-gov-east-1",
UseARNRegion: true,
},
expectedReqURL: "https://s3-outposts.us-gov-east-1.amazonaws.com/v20180820/bucket/myaccesspoint",
expectedReqURL: "https://s3-outposts.us-gov-east-1.amazonaws.com/v20180820/accesspoint/myaccesspoint",
expectedSigningName: "s3-outposts",
expectedSigningRegion: "us-gov-east-1",
expectedHeaderForAccountID: true,
expectedHeaderForOutpostID: "op-01234567890123456",
},
"Outpost AccessPoint with client region as FIPS": {
bucket: "arn:aws-us-gov:s3-outposts:us-gov-east-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint",
accessPoint: "arn:aws-us-gov:s3-outposts:us-gov-east-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint",
options: s3control.Options{
Region: "us-gov-east-1",
EndpointOptions: s3control.EndpointResolverOptions{
UseFIPSEndpoint: aws.FIPSEndpointStateEnabled,
},
},
expectedReqURL: "https://s3-outposts-fips.us-gov-east-1.amazonaws.com/v20180820/bucket/myaccesspoint",
expectedReqURL: "https://s3-outposts-fips.us-gov-east-1.amazonaws.com/v20180820/accesspoint/myaccesspoint",
expectedSigningName: "s3-outposts",
expectedSigningRegion: "us-gov-east-1",
expectedHeaderForOutpostID: "op-01234567890123456",
expectedHeaderForAccountID: true,
},
"Outpost AccessPoint with client region as FIPS (ResolvedRegion)": {
bucket: "arn:aws-us-gov:s3-outposts:us-gov-east-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint",
accessPoint: "arn:aws-us-gov:s3-outposts:us-gov-east-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint",
options: s3control.Options{
Region: "us-gov-east-1-fips",
},
expectedReqURL: "https://s3-outposts-fips.us-gov-east-1.amazonaws.com/v20180820/bucket/myaccesspoint",
expectedReqURL: "https://s3-outposts-fips.us-gov-east-1.amazonaws.com/v20180820/accesspoint/myaccesspoint",
expectedSigningName: "s3-outposts",
expectedSigningRegion: "us-gov-east-1",
expectedHeaderForOutpostID: "op-01234567890123456",
expectedHeaderForAccountID: true,
},
"Outpost AccessPoint with client FIPS and use arn region enabled": {
bucket: "arn:aws-us-gov:s3-outposts:us-gov-east-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint",
accessPoint: "arn:aws-us-gov:s3-outposts:us-gov-east-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint",
options: s3control.Options{
Region: "us-gov-east-1",
EndpointOptions: s3control.EndpointResolverOptions{
UseFIPSEndpoint: aws.FIPSEndpointStateEnabled,
},
UseARNRegion: true,
},
expectedReqURL: "https://s3-outposts-fips.us-gov-east-1.amazonaws.com/v20180820/bucket/myaccesspoint",
expectedReqURL: "https://s3-outposts-fips.us-gov-east-1.amazonaws.com/v20180820/accesspoint/myaccesspoint",
expectedSigningName: "s3-outposts",
expectedSigningRegion: "us-gov-east-1",
expectedHeaderForOutpostID: "op-01234567890123456",
expectedHeaderForAccountID: true,
},
"Outpost AccessPoint with client FIPS (ResolvedRegion) and use arn region enabled": {
bucket: "arn:aws-us-gov:s3-outposts:us-gov-east-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint",
accessPoint: "arn:aws-us-gov:s3-outposts:us-gov-east-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint",
options: s3control.Options{
Region: "us-gov-east-1-fips",
UseARNRegion: true,
},
expectedReqURL: "https://s3-outposts-fips.us-gov-east-1.amazonaws.com/v20180820/bucket/myaccesspoint",
expectedReqURL: "https://s3-outposts-fips.us-gov-east-1.amazonaws.com/v20180820/accesspoint/myaccesspoint",
expectedSigningName: "s3-outposts",
expectedSigningRegion: "us-gov-east-1",
expectedHeaderForOutpostID: "op-01234567890123456",
expectedHeaderForAccountID: true,
},
"Outpost AccessPoint client FIPS and cross region ARN": {
bucket: "arn:aws-us-gov:s3-outposts:us-gov-west-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint",
accessPoint: "arn:aws-us-gov:s3-outposts:us-gov-west-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint",
options: s3control.Options{
Region: "us-gov-east-1",
UseARNRegion: true,
EndpointOptions: s3control.EndpointResolverOptions{
UseFIPSEndpoint: aws.FIPSEndpointStateEnabled,
},
},
expectedReqURL: "https://s3-outposts-fips.us-gov-west-1.amazonaws.com/v20180820/bucket/myaccesspoint",
expectedReqURL: "https://s3-outposts-fips.us-gov-west-1.amazonaws.com/v20180820/accesspoint/myaccesspoint",
expectedSigningName: "s3-outposts",
expectedSigningRegion: "us-gov-west-1",
expectedHeaderForOutpostID: "op-01234567890123456",
expectedHeaderForAccountID: true,
},
"Outpost AccessPoint client FIPS (ResolvedRegion) and cross region ARN": {
bucket: "arn:aws-us-gov:s3-outposts:us-gov-west-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint",
accessPoint: "arn:aws-us-gov:s3-outposts:us-gov-west-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint",
options: s3control.Options{
Region: "us-gov-east-1-fips",
UseARNRegion: true,
},
expectedReqURL: "https://s3-outposts-fips.us-gov-west-1.amazonaws.com/v20180820/bucket/myaccesspoint",
expectedReqURL: "https://s3-outposts-fips.us-gov-west-1.amazonaws.com/v20180820/accesspoint/myaccesspoint",
expectedSigningName: "s3-outposts",
expectedSigningRegion: "us-gov-west-1",
expectedHeaderForOutpostID: "op-01234567890123456",
expectedHeaderForAccountID: true,
},
"Outpost AccessPoint client FIPS with valid ARN region": {
bucket: "arn:aws-us-gov:s3-outposts:us-gov-east-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint",
accessPoint: "arn:aws-us-gov:s3-outposts:us-gov-east-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint",
options: s3control.Options{
Region: "us-gov-east-1",
EndpointOptions: s3control.EndpointResolverOptions{
UseFIPSEndpoint: aws.FIPSEndpointStateEnabled,
},
UseARNRegion: true,
},
expectedReqURL: "https://s3-outposts-fips.us-gov-east-1.amazonaws.com/v20180820/bucket/myaccesspoint",
expectedReqURL: "https://s3-outposts-fips.us-gov-east-1.amazonaws.com/v20180820/accesspoint/myaccesspoint",
expectedSigningName: "s3-outposts",
expectedSigningRegion: "us-gov-east-1",
expectedHeaderForOutpostID: "op-01234567890123456",
expectedHeaderForAccountID: true,
},
"Outpost AccessPoint client FIPS (ResolvedRegion) with valid ARN region": {
bucket: "arn:aws-us-gov:s3-outposts:us-gov-east-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint",
accessPoint: "arn:aws-us-gov:s3-outposts:us-gov-east-1:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint",
options: s3control.Options{
Region: "us-gov-east-1-fips",
UseARNRegion: true,
},
expectedReqURL: "https://s3-outposts-fips.us-gov-east-1.amazonaws.com/v20180820/bucket/myaccesspoint",
expectedReqURL: "https://s3-outposts-fips.us-gov-east-1.amazonaws.com/v20180820/accesspoint/myaccesspoint",
expectedSigningName: "s3-outposts",
expectedSigningRegion: "us-gov-east-1",
expectedHeaderForOutpostID: "op-01234567890123456",
expectedHeaderForAccountID: true,
},
"Outpost AccessPoint with DualStack": {
bucket: "arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint",
accessPoint: "arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:accesspoint:myaccesspoint",
options: s3control.Options{
Region: "us-west-2",
UseARNRegion: true,
Expand All @@ -321,24 +322,24 @@ func TestEndpointWithARN(t *testing.T) {
expectedErr: "incomplete outpost resource type",
},
"access point": {
bucket: "myaccesspoint",
accessPoint: "myaccesspoint",
options: s3control.Options{
Region: "us-west-2",
},
expectedReqURL: "https://123456789012.s3-control.us-west-2.amazonaws.com/v20180820/bucket/myaccesspoint",
expectedReqURL: "https://123456789012.s3-control.us-west-2.amazonaws.com/v20180820/accesspoint/myaccesspoint",
expectedHeaderForAccountID: true,
expectedSigningRegion: "us-west-2",
expectedSigningName: "s3",
},
"outpost access point with unsupported sub-resource": {
bucket: "arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:accesspoint:mybucket:object:foo",
accessPoint: "arn:aws:s3-outposts:us-west-2:123456789012:outpost:op-01234567890123456:accesspoint:mybucket:object:foo",
options: s3control.Options{
Region: "us-west-2",
},
expectedErr: "sub resource not supported",
},
"Missing outpost identifiers in outpost access point arn": {
bucket: "arn:aws:s3-outposts:us-west-2:123456789012:accesspoint:myendpoint",
accessPoint: "arn:aws:s3-outposts:us-west-2:123456789012:accesspoint:myendpoint",
options: s3control.Options{
Region: "us-west-2",
},
Expand Down Expand Up @@ -510,19 +511,34 @@ func TestEndpointWithARN(t *testing.T) {

ctx := context.Background()

// call an operation
_, err := svc.GetBucket(ctx, &s3control.GetBucketInput{
Bucket: ptr.String(c.bucket),
AccountId: ptr.String("123456789012"),
}, func(options *s3control.Options) {
// append request retriever middleware for request inspection
options.APIOptions = append(options.APIOptions,
func(stack *middleware.Stack) error {
// adds AFTER operation serializer middleware
stack.Serialize.Insert(&fm, "OperationSerializer", middleware.After)
return nil
})
})
var err error
if len(c.accessPoint) > 0 {
_, err = svc.GetAccessPoint(ctx, &s3control.GetAccessPointInput{
Name: ptr.String(c.accessPoint),
AccountId: ptr.String("123456789012"),
}, func(options *s3control.Options) {
// append request retriever middleware for request inspection
options.APIOptions = append(options.APIOptions,
func(stack *middleware.Stack) error {
// adds AFTER operation serializer middleware
stack.Serialize.Insert(&fm, "OperationSerializer", middleware.After)
return nil
})
})
} else {
_, err = svc.GetBucket(ctx, &s3control.GetBucketInput{
Bucket: ptr.String(c.bucket),
AccountId: ptr.String("123456789012"),
}, func(options *s3control.Options) {
// append request retriever middleware for request inspection
options.APIOptions = append(options.APIOptions,
func(stack *middleware.Stack) error {
// adds AFTER operation serializer middleware
stack.Serialize.Insert(&fm, "OperationSerializer", middleware.After)
return nil
})
})
}

// inspect any errors
if len(c.expectedErr) != 0 {
Expand Down

0 comments on commit 2050bc3

Please sign in to comment.