Skip to content

Commit

Permalink
Merge pull request #23679 from hashicorp/s3-bucket-acl-import-id-back…
Browse files Browse the repository at this point in the history
…port

r/s3_bucket_acl: backport support of pre-2018 naming for buckets in `us-east-1`
  • Loading branch information
anGie44 authored Mar 15, 2022
2 parents 7dd330e + 052b573 commit ad34de8
Show file tree
Hide file tree
Showing 3 changed files with 95 additions and 6 deletions.
3 changes: 3 additions & 0 deletions .changelog/23679.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:enhancement
resource/aws_s3_bucket_acl: Support resource import for S3 bucket names consisting of uppercase letters, underscores, and a maximum of 255 characters
```
14 changes: 8 additions & 6 deletions internal/service/s3/bucket_acl.go
Original file line number Diff line number Diff line change
Expand Up @@ -458,17 +458,19 @@ func BucketACLCreateResourceID(bucket, expectedBucketOwner, acl string) string {
// BucketACLParseResourceID is a method for parsing the ID string
// for the bucket name, accountID, and ACL if provided.
func BucketACLParseResourceID(id string) (string, string, string, error) {
// For only bucket name in the ID e.g. bucket
// ~> Bucket names can consist of only lowercase letters, numbers, dots, and hyphens; Max 63 characters
bucketRegex := regexp.MustCompile(`^[a-z0-9.-]{1,63}$`)
// For only bucket name in the ID e.g. my-bucket or My_Bucket
// ~> On or after 3/1/2018: Bucket names can consist of only lowercase letters, numbers, dots, and hyphens; Max 63 characters
// ~> Before 3/1/2018: Bucket names could consist of uppercase letters and underscores if in us-east-1; Max 255 characters
// Reference: https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html
bucketRegex := regexp.MustCompile(`^([a-z0-9.-]{1,63}|[a-zA-Z0-9.\-_]{1,255})$`)
// For bucket and accountID in the ID e.g. bucket,123456789101
// ~> Account IDs must consist of 12 digits
bucketAndOwnerRegex := regexp.MustCompile(`^[a-z0-9.-]{1,63},\d{12}$`)
bucketAndOwnerRegex := regexp.MustCompile(`^([a-z0-9.-]{1,63}|[a-zA-Z0-9.\-_]{1,255}),\d{12}$`)
// For bucket and ACL in the ID e.g. bucket,public-read
// ~> (Canned) ACL values include: private, public-read, public-read-write, authenticated-read, aws-exec-read, and log-delivery-write
bucketAndAclRegex := regexp.MustCompile(`^[a-z0-9.-]{1,63},[a-z-]+$`)
bucketAndAclRegex := regexp.MustCompile(`^([a-z0-9.-]{1,63}|[a-zA-Z0-9.\-_]{1,255}),[a-z-]+$`)
// For bucket, accountID, and ACL in the ID e.g. bucket,123456789101,public-read
bucketOwnerAclRegex := regexp.MustCompile(`^[a-z0-9.-]{1,63},\d{12},[a-z-]+$`)
bucketOwnerAclRegex := regexp.MustCompile(`^([a-z0-9.-]{1,63}|[a-zA-Z0-9.\-_]{1,255}),\d{12},[a-z-]+$`)

// Bucket name ONLY
if bucketRegex.MatchString(id) {
Expand Down
84 changes: 84 additions & 0 deletions internal/service/s3/bucket_acl_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -133,6 +133,90 @@ func TestBucketACLParseResourceID(t *testing.T) {
ExpectedBucket: "my-example.bucket.4000",
ExpectedBucketOwner: "123456789012",
},
{
TestName: "valid ID with bucket (pre-2018, us-east-1)", //lintignore:AWSAT003
InputID: tfs3.BucketACLCreateResourceID("Example", "", ""),
ExpectedACL: "",
ExpectedBucket: "Example",
ExpectedBucketOwner: "",
},
{
TestName: "valid ID with bucket (pre-2018, us-east-1) that has underscores", //lintignore:AWSAT003
InputID: tfs3.BucketACLCreateResourceID("My_Example_Bucket", "", ""),
ExpectedACL: "",
ExpectedBucket: "My_Example_Bucket",
ExpectedBucketOwner: "",
},
{
TestName: "valid ID with bucket (pre-2018, us-east-1) that has underscore, dot, and hyphens", //lintignore:AWSAT003
InputID: tfs3.BucketACLCreateResourceID("My_Example-Bucket.local", "", ""),
ExpectedACL: "",
ExpectedBucket: "My_Example-Bucket.local",
ExpectedBucketOwner: "",
},
{
TestName: "valid ID with bucket (pre-2018, us-east-1) that has underscore, dots, hyphen, and numbers", //lintignore:AWSAT003
InputID: tfs3.BucketACLCreateResourceID("My_Example-Bucket.4000", "", ""),
ExpectedACL: "",
ExpectedBucket: "My_Example-Bucket.4000",
ExpectedBucketOwner: "",
},
{
TestName: "valid ID with bucket (pre-2018, us-east-1) and acl", //lintignore:AWSAT003
InputID: tfs3.BucketACLCreateResourceID("Example", "", s3.BucketCannedACLPrivate),
ExpectedACL: s3.BucketCannedACLPrivate,
ExpectedBucket: "Example",
ExpectedBucketOwner: "",
},
{
TestName: "valid ID with bucket (pre-2018, us-east-1) and acl that has underscores", //lintignore:AWSAT003
InputID: tfs3.BucketACLCreateResourceID("My_Example_Bucket", "", s3.BucketCannedACLPublicReadWrite),
ExpectedACL: s3.BucketCannedACLPublicReadWrite,
ExpectedBucket: "My_Example_Bucket",
ExpectedBucketOwner: "",
},
{
TestName: "valid ID with bucket (pre-2018, us-east-1) that has underscore, dot, hyphen, and number and acl that has hyphens", //lintignore:AWSAT003
InputID: tfs3.BucketACLCreateResourceID("My_Example-Bucket.4000", "", s3.BucketCannedACLPublicReadWrite),
ExpectedACL: s3.BucketCannedACLPublicReadWrite,
ExpectedBucket: "My_Example-Bucket.4000",
ExpectedBucketOwner: "",
},
{
TestName: "valid ID with bucket (pre-2018, us-east-1) and bucket owner", //lintignore:AWSAT003
InputID: tfs3.BucketACLCreateResourceID("Example", "123456789012", ""),
ExpectedACL: "",
ExpectedBucket: "Example",
ExpectedBucketOwner: "123456789012",
},
{
TestName: "valid ID with bucket (pre-2018, us-east-1) that has underscore, dot, hyphen, and number and bucket owner", //lintignore:AWSAT003
InputID: tfs3.BucketACLCreateResourceID("My_Example-Bucket.4000", "123456789012", ""),
ExpectedACL: "",
ExpectedBucket: "My_Example-Bucket.4000",
ExpectedBucketOwner: "123456789012",
},
{
TestName: "valid ID with bucket (pre-2018, us-east-1), bucket owner, and acl", //lintignore:AWSAT003
InputID: tfs3.BucketACLCreateResourceID("Example", "123456789012", s3.BucketCannedACLPrivate),
ExpectedACL: s3.BucketCannedACLPrivate,
ExpectedBucket: "Example",
ExpectedBucketOwner: "123456789012",
},
{
TestName: "valid ID with bucket (pre-2018, us-east-1), bucket owner, and acl that has hyphens", //lintignore:AWSAT003
InputID: tfs3.BucketACLCreateResourceID("Example", "123456789012", s3.BucketCannedACLPublicReadWrite),
ExpectedACL: s3.BucketCannedACLPublicReadWrite,
ExpectedBucket: "Example",
ExpectedBucketOwner: "123456789012",
},
{
TestName: "valid ID with bucket (pre-2018, us-east-1) that has underscore, dot, hyphen, and numbers, bucket owner, and acl that has hyphens", //lintignore:AWSAT003
InputID: tfs3.BucketACLCreateResourceID("My_Example-bucket.4000", "123456789012", s3.BucketCannedACLPublicReadWrite),
ExpectedACL: s3.BucketCannedACLPublicReadWrite,
ExpectedBucket: "My_Example-bucket.4000",
ExpectedBucketOwner: "123456789012",
},
}

for _, testCase := range testCases {
Expand Down

0 comments on commit ad34de8

Please sign in to comment.