Yasuke/moto
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[s3] Allow KMS SSE parameters in copy_object (#4593)

Browse Source
This commit is contained in:
FloatingGhost 2021-11-18 20:57:12 +00:00 committed by GitHub
parent 96bdba883b
commit 3f8895a9a3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 33 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
moto/s3/models.py
View File

@ -2048,6 +2048,8 @@ class S3Backend(BaseBackend, CloudWatchMetricProvider):
storage=None, storage=None,
acl=None, acl=None,
src_version_id=None, src_version_id=None,
encryption=None,
kms_key_id=None,
): ):
key = self.get_object(src_bucket_name, src_key_name, version_id=src_version_id) key = self.get_object(src_bucket_name, src_key_name, version_id=src_version_id)
@ -2057,8 +2059,8 @@ class S3Backend(BaseBackend, CloudWatchMetricProvider):
value=key.value, value=key.value,
storage=storage or key.storage_class, storage=storage or key.storage_class,
multipart=key.multipart, multipart=key.multipart,
encryption=key.encryption, encryption=encryption or key.encryption,
kms_key_id=key.kms_key_id, kms_key_id=kms_key_id or key.kms_key_id,
bucket_key_enabled=key.bucket_key_enabled, bucket_key_enabled=key.bucket_key_enabled,
lock_mode=key.lock_mode, lock_mode=key.lock_mode,
lock_legal_status=key.lock_legal_status, lock_legal_status=key.lock_legal_status,

2
moto/s3/responses.py
View File

@ -1559,6 +1559,8 @@ class ResponseObject(_TemplateEnvironmentMixin, ActionAuthenticatorMixin):
storage=storage_class, storage=storage_class,
acl=acl, acl=acl,
src_version_id=src_version_id, src_version_id=src_version_id,
kms_key_id=kms_key_id,
encryption=encryption,
) )
else: else:
raise MissingKey(key=src_key) raise MissingKey(key=src_key)

29
tests/test_s3/test_s3.py
View File

@ -28,7 +28,7 @@ import pytest
import sure # noqa # pylint: disable=unused-import import sure # noqa # pylint: disable=unused-import
from moto import settings, mock_s3, mock_s3_deprecated, mock_config from moto import settings, mock_s3, mock_s3_deprecated, mock_config, mock_kms
import moto.s3.models as s3model import moto.s3.models as s3model
from moto.core.exceptions import InvalidNextTokenException from moto.core.exceptions import InvalidNextTokenException
from moto.settings import get_s3_default_key_buffer_size, S3_UPLOAD_PART_MIN_SIZE from moto.settings import get_s3_default_key_buffer_size, S3_UPLOAD_PART_MIN_SIZE
@ -3378,7 +3378,7 @@ def test_boto3_head_object_with_versioning():
@mock_s3 @mock_s3
def test_boto3_copy_non_existing_file(): def test_boto3_copy_non_existing_file():
s3 = boto3.resource("s3") s3 = boto3.resource("s3", region_name=DEFAULT_REGION_NAME)
src = "srcbucket" src = "srcbucket"
target = "target" target = "target"
s3.create_bucket(Bucket=src) s3.create_bucket(Bucket=src)
@ -6577,3 +6577,28 @@ def test_request_partial_content_should_contain_all_metadata():
assert response["LastModified"] == obj.last_modified assert response["LastModified"] == obj.last_modified
assert response["ContentLength"] == 4 assert response["ContentLength"] == 4
assert response["ContentRange"] == "bytes {}/{}".format(query_range, len(body)) assert response["ContentRange"] == "bytes {}/{}".format(query_range, len(body))
@mock_s3
@mock_kms
def test_boto3_copy_object_with_kms_encryption():
client = boto3.client("s3", region_name=DEFAULT_REGION_NAME)
kms_client = boto3.client("kms", region_name=DEFAULT_REGION_NAME)
kms_key = kms_client.create_key()["KeyMetadata"]["KeyId"]
client.create_bucket(
Bucket="blah", CreateBucketConfiguration={"LocationConstraint": "eu-west-1"}
)
client.put_object(Bucket="blah", Key="test1", Body=b"test1")
client.copy_object(
CopySource={"Bucket": "blah", "Key": "test1"},
Bucket="blah",
Key="test2",
SSEKMSKeyId=kms_key,
ServerSideEncryption="aws:kms",
)
result = client.head_object(Bucket="blah", Key="test2")
assert result["SSEKMSKeyId"] == kms_key
assert result["ServerSideEncryption"] == "aws:kms"