Skip to content

Commit

Permalink
s3_object - Add support for expcted_bucket_owner option. (#2206) (#2250)
Browse files Browse the repository at this point in the history
This is a backport of PR #2206 as merged into main (e7db692).
SUMMARY

Closes #2114

ISSUE TYPE


Bugfix Pull Request
Docs Pull Request
Feature Pull Request
New Module Pull Request

COMPONENT NAME

ADDITIONAL INFORMATION

Reviewed-by: Mark Chappell
  • Loading branch information
patchback[bot] authored Aug 27, 2024
1 parent 96da54e commit e55ddd8
Show file tree
Hide file tree
Showing 2 changed files with 18 additions and 6 deletions.
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
minor_changes:
- s3_object - Add support for ``expected_bucket_owner`` option (https://github.com/ansible-collections/amazon.aws/issues/2114).
22 changes: 16 additions & 6 deletions plugins/modules/s3_object.py
Original file line number Diff line number Diff line change
Expand Up @@ -250,6 +250,13 @@
type: bool
version_added: 3.1.0
default: True
expected_bucket_owner:
description:
- The account ID of the expected bucket owner.
- If the account ID that you provide does not match the actual owner of the bucket,
the request fails with the HTTP status code 403 Forbidden (access denied).
type: str
version_added: 8.2.0
author:
- "Lester Wade (@lwade)"
- "Sloane Hertel (@s-hertel)"
Expand Down Expand Up @@ -862,13 +869,15 @@ def put_download_url(s3, bucket, obj, expiry):


def get_current_object_tags_dict(module, s3, bucket, obj, version=None):
params = {"Bucket": bucket, "Key": obj}

if module.params.get("expected_bucket_owner"):
params["ExpectedBucketOwner"] = module.params["expected_bucket_owner"]
if version:
params["VersionId"] = version

try:
if version:
current_tags = s3.get_object_tagging(aws_retry=True, Bucket=bucket, Key=obj, VersionId=version).get(
"TagSet"
)
else:
current_tags = s3.get_object_tagging(aws_retry=True, Bucket=bucket, Key=obj).get("TagSet")
current_tags = s3.get_object_tagging(aws_retry=True, **params).get("TagSet")
except is_boto3_error_code(IGNORE_S3_DROP_IN_EXCEPTIONS):
module.warn("GetObjectTagging is not implemented by your storage provider.")
return {}
Expand Down Expand Up @@ -1508,6 +1517,7 @@ def main():
),
),
validate_bucket_name=dict(type="bool", default=True),
expected_bucket_owner=dict(type="str"),
)

required_if = [
Expand Down

0 comments on commit e55ddd8

Please sign in to comment.