pub struct Builder { /* private fields */ }
Expand description
Builder for s3 services
Server Side Encryption
OpenDAL provides full support of S3 Server Side Encryption(SSE) features.
The easiest way to configure them is to use helper functions like
- SSE-KMS:
server_side_encryption_with_aws_managed_kms_key
- SSE-KMS:
server_side_encryption_with_customer_managed_kms_key
- SSE-S3:
server_side_encryption_with_s3_key
- SSE-C:
server_side_encryption_with_customer_key
If those functions don’t fulfill need, low-level options are also provided:
- Use service managed kms key
server_side_encryption="aws:kms"
- Use customer provided kms key
server_side_encryption="aws:kms"
server_side_encryption_aws_kms_key_id="your-kms-key"
- Use S3 managed key
server_side_encryption="AES256"
- Use customer key
server_side_encryption_customer_algorithm="AES256"
server_side_encryption_customer_key="base64-of-your-aes256-key"
server_side_encryption_customer_key_md5="base64-of-your-aes256-key-md5"
After SSE have been configured, all requests send by this backed will attach those headers.
Reference: Protecting data using server-side encryption
Implementations
sourceimpl Builder
impl Builder
sourcepub fn root(&mut self, root: &str) -> &mut Self
pub fn root(&mut self, root: &str) -> &mut Self
Set root of this backend.
All operations will happen under this root.
sourcepub fn endpoint(&mut self, endpoint: &str) -> &mut Self
pub fn endpoint(&mut self, endpoint: &str) -> &mut Self
Set endpoint of this backend.
Endpoint must be full uri, e.g.
- AWS S3:
https://s3.amazonaws.com
orhttps://s3.{region}.amazonaws.com
- Aliyun OSS:
https://{region}.aliyuncs.com
- Tencent COS:
https://cos.{region}.myqcloud.com
- Minio:
http://127.0.0.1:9000
If user inputs endpoint without scheme like “s3.amazonaws.com”, we will prepend “https://” before it.
sourcepub fn region(&mut self, region: &str) -> &mut Self
pub fn region(&mut self, region: &str) -> &mut Self
Region represent the signing region of this endpoint.
- If region is set, we will take user’s input first.
- If not, We will try to detect region via RFC-0057: Auto Region.
Most of time, region is not need to be set, especially for AWS S3 and minio.
sourcepub fn access_key_id(&mut self, v: &str) -> &mut Self
pub fn access_key_id(&mut self, v: &str) -> &mut Self
Set access_key_id of this backend.
- If access_key_id is set, we will take user’s input first.
- If not, we will try to load it from environment.
sourcepub fn secret_access_key(&mut self, v: &str) -> &mut Self
pub fn secret_access_key(&mut self, v: &str) -> &mut Self
Set secret_access_key of this backend.
- If secret_access_key is set, we will take user’s input first.
- If not, we will try to load it from environment.
sourcepub fn server_side_encryption(&mut self, v: &str) -> &mut Self
pub fn server_side_encryption(&mut self, v: &str) -> &mut Self
Set server_side_encryption for this backend.
Available values: AES256
, aws:kms
.
Note
This function is the low-level setting for SSE related features.
SSE related options should be set carefully to make them works.
Please use server_side_encryption_with_*
helpers if even possible.
sourcepub fn server_side_encryption_aws_kms_key_id(&mut self, v: &str) -> &mut Self
pub fn server_side_encryption_aws_kms_key_id(&mut self, v: &str) -> &mut Self
Set server_side_encryption_aws_kms_key_id for this backend
- If
server_side_encryption
set toaws:kms
, andserver_side_encryption_aws_kms_key_id
is not set, S3 will use aws managed kms key to encrypt data. - If
server_side_encryption
set toaws:kms
, andserver_side_encryption_aws_kms_key_id
is a valid kms key id, S3 will use the provided kms key to encrypt data. - If the
server_side_encryption_aws_kms_key_id
is invalid or not found, an error will be returned. - If
server_side_encryption
is notaws:kms
, settingserver_side_encryption_aws_kms_key_id
is a noop.
Note
This function is the low-level setting for SSE related features.
SSE related options should be set carefully to make them works.
Please use server_side_encryption_with_*
helpers if even possible.
sourcepub fn server_side_encryption_customer_algorithm(
&mut self,
v: &str
) -> &mut Self
pub fn server_side_encryption_customer_algorithm(
&mut self,
v: &str
) -> &mut Self
Set server_side_encryption_customer_algorithm for this backend.
Available values: AES256
.
Note
This function is the low-level setting for SSE related features.
SSE related options should be set carefully to make them works.
Please use server_side_encryption_with_*
helpers if even possible.
sourcepub fn server_side_encryption_customer_key(&mut self, v: &str) -> &mut Self
pub fn server_side_encryption_customer_key(&mut self, v: &str) -> &mut Self
Set server_side_encryption_customer_key for this backend.
Args
v
: base64 encoded key that matches algorithm specified in
server_side_encryption_customer_algorithm
.
Note
This function is the low-level setting for SSE related features.
SSE related options should be set carefully to make them works.
Please use server_side_encryption_with_*
helpers if even possible.
sourcepub fn server_side_encryption_customer_key_md5(&mut self, v: &str) -> &mut Self
pub fn server_side_encryption_customer_key_md5(&mut self, v: &str) -> &mut Self
Set server_side_encryption_customer_key_md5 for this backend.
Args
v
: MD5 digest of key specified in server_side_encryption_customer_key
.
Note
This function is the low-level setting for SSE related features.
SSE related options should be set carefully to make them works.
Please use server_side_encryption_with_*
helpers if even possible.
sourcepub fn server_side_encryption_with_aws_managed_kms_key(&mut self) -> &mut Self
pub fn server_side_encryption_with_aws_managed_kms_key(&mut self) -> &mut Self
Enable server side encryption with aws managed kms key
As known as: SSE-KMS
NOTE: This function should not be used along with other server_side_encryption_with_
functions.
sourcepub fn server_side_encryption_with_customer_managed_kms_key(
&mut self,
aws_kms_key_id: &str
) -> &mut Self
pub fn server_side_encryption_with_customer_managed_kms_key(
&mut self,
aws_kms_key_id: &str
) -> &mut Self
Enable server side encryption with customer managed kms key
As known as: SSE-KMS
NOTE: This function should not be used along with other server_side_encryption_with_
functions.
sourcepub fn server_side_encryption_with_s3_key(&mut self) -> &mut Self
pub fn server_side_encryption_with_s3_key(&mut self) -> &mut Self
Enable server side encryption with s3 managed key
As known as: SSE-S3
NOTE: This function should not be used along with other server_side_encryption_with_
functions.
sourcepub fn server_side_encryption_with_customer_key(
&mut self,
algorithm: &str,
key: &[u8]
) -> &mut Self
pub fn server_side_encryption_with_customer_key(
&mut self,
algorithm: &str,
key: &[u8]
) -> &mut Self
Enable server side encryption with customer key.
As known as: SSE-C
NOTE: This function should not be used along with other server_side_encryption_with_
functions.
pub async fn finish(&mut self) -> Result<Arc<dyn Accessor>>
Trait Implementations
Auto Trait Implementations
impl RefUnwindSafe for Builder
impl Send for Builder
impl Sync for Builder
impl Unpin for Builder
impl UnwindSafe for Builder
Blanket Implementations
sourceimpl<T> BorrowMut<T> for T where
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized,
const: unstable · sourcefn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more
sourceimpl<T> Instrument for T
impl<T> Instrument for T
sourcefn instrument(self, span: Span) -> Instrumented<Self>
fn instrument(self, span: Span) -> Instrumented<Self>
sourcefn in_current_span(self) -> Instrumented<Self>
fn in_current_span(self) -> Instrumented<Self>
sourceimpl<T> ToOwned for T where
T: Clone,
impl<T> ToOwned for T where
T: Clone,
type Owned = T
type Owned = T
The resulting type after obtaining ownership.
sourcefn clone_into(&self, target: &mut T)
fn clone_into(&self, target: &mut T)
toowned_clone_into
)Uses borrowed data to replace owned data, usually by cloning. Read more
impl<V, T> VZip<V> for T where
V: MultiLane<T>,
impl<V, T> VZip<V> for T where
V: MultiLane<T>,
fn vzip(self) -> V
sourceimpl<T> WithSubscriber for T
impl<T> WithSubscriber for T
sourcefn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self> where
S: Into<Dispatch>,
fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self> where
S: Into<Dispatch>,
Attaches the provided Subscriber
to this type, returning a
WithDispatch
wrapper. Read more
sourcefn with_current_subscriber(self) -> WithDispatch<Self>
fn with_current_subscriber(self) -> WithDispatch<Self>
Attaches the current default Subscriber
to this type, returning a
WithDispatch
wrapper. Read more