aws_arn/builder/
s3.rs

1/*!
2Provides a set of simple helper functions to make ResourceNames for the S3 service.
3
4These resource definitions are taken from the AWS
5[documentation](https://docs.aws.amazon.com/IAM/latest/UserGuide/list_amazons3.html#amazons3-resources-for-iam-policies)
6*/
7
8use crate::builder::ArnBuilder;
9use crate::known::Partition;
10use crate::known::Service::S3;
11use crate::{AccountIdentifier, Identifier, ResourceIdentifier, ResourceName};
12
13// ------------------------------------------------------------------------------------------------
14// Public Functions
15// ------------------------------------------------------------------------------------------------
16
/// Builds the ARN of an S3 bucket in an explicit partition.
///
/// `arn:${Partition}:s3:::${BucketName}`
///
/// Only the service, the partition and the resource are set on the builder;
/// no region or account is supplied here. `bucket_name` is converted to a
/// resource identifier as given, with no S3 bucket-naming checks in this
/// function.
pub fn bucket_in(partition: Identifier, bucket_name: Identifier) -> ResourceName {
    // The bucket name alone is the whole resource part of the ARN.
    let resource: ResourceIdentifier = bucket_name.into();
    ArnBuilder::service_id(S3.into())
        .in_partition_id(partition)
        .is(resource)
        .into()
}
26
/// Builds the ARN of an S3 bucket in the default partition.
///
/// `arn:aws:s3:::${BucketName}`
///
/// Delegates to [`bucket_in`] with `Partition::default()` as the partition.
pub fn bucket(bucket_name: Identifier) -> ResourceName {
    let default_partition = Partition::default().into();
    bucket_in(default_partition, bucket_name)
}
33
/// Builds the ARN of an S3 object in an explicit partition.
///
/// `arn:${Partition}:s3:::${BucketName}/${ObjectName}`
///
/// The bucket and object names are combined, in that order, into one resource
/// path with `ResourceIdentifier::from_id_path`. No region or account is set
/// on the builder.
///
/// NOTE(review): whether an `Identifier` can carry object keys that contain
/// `/` or policy wildcards is decided by that type, not here — confirm before
/// using the result in an IAM policy.
pub fn object_in(
    partition: Identifier,
    bucket_name: Identifier,
    object_name: Identifier,
) -> ResourceName {
    // Order matters: the bucket is the first path segment, the object the second.
    let segments = [bucket_name, object_name];
    let resource = ResourceIdentifier::from_id_path(&segments);
    ArnBuilder::service_id(S3.into())
        .in_partition_id(partition)
        .is(resource)
        .into()
}
50
/// Builds the ARN of an S3 object in the default partition.
///
/// `arn:aws:s3:::${BucketName}/${ObjectName}`
///
/// Delegates to [`object_in`] with `Partition::default()` as the partition.
pub fn object(bucket_name: Identifier, object_name: Identifier) -> ResourceName {
    let default_partition = Partition::default().into();
    object_in(default_partition, bucket_name, object_name)
}
57
/// Derives an S3 object ARN from an existing bucket ARN.
///
/// `arn:aws:s3:::${BucketName}/${ObjectName}`
///
/// The result is a clone of `bucket` whose resource is replaced by the path
/// made of `bucket.resource` followed by `object_name`; every other field is
/// copied from `bucket` unchanged.
///
/// # Panics
///
/// Panics if `bucket.service` is not S3.
///
/// NOTE(review): the service is the only thing checked. Any other S3
/// `ResourceName` (one that already names an object, for instance) passes the
/// check and simply gets `object_name` appended, so callers that need a real
/// bucket ARN must verify that themselves.
pub fn object_from(bucket: &ResourceName, object_name: Identifier) -> ResourceName {
    assert!(
        bucket.service == S3.into(),
        "You can't make an S3 object from a {} ResourceName.",
        bucket.service
    );
    // Start from a full copy so partition, region and account carry over as-is.
    let mut object_arn = bucket.clone();
    object_arn.resource =
        ResourceIdentifier::from_path(&[bucket.resource.clone(), object_name.into()]);
    object_arn
}
75
/// Builds the ARN of an S3 job in an explicit partition, region and account.
///
/// `arn:${Partition}:s3:${Region}:${Account}:job/${JobId}`
///
/// NOTE(review): the template above shows a `job/` prefix on the resource, but
/// this function hands `job_id` to the builder unchanged and adds no prefix
/// itself. Confirm whether the caller is expected to supply it; an ARN without
/// the prefix would not match the documented resource format.
pub fn job_in(
    partition: Identifier,
    region: Identifier,
    account: AccountIdentifier,
    job_id: Identifier,
) -> ResourceName {
    // The job id is used as the resource exactly as passed in.
    let resource: ResourceIdentifier = job_id.into();
    ArnBuilder::service_id(S3.into())
        .in_partition_id(partition)
        .in_region_id(region)
        .owned_by(account)
        .is(resource)
        .into()
}
92
/// Builds the ARN of an S3 job in the default partition.
///
/// `arn:aws:s3:${Region}:${Account}:job/${JobId}`
///
/// Delegates to [`job_in`] with `Partition::default()` as the partition; the
/// region, account and job id are passed through unchanged.
pub fn job(region: Identifier, account: AccountIdentifier, job_id: Identifier) -> ResourceName {
    let default_partition = Partition::default().into();
    job_in(default_partition, region, account, job_id)
}