3342d49a43
* First cut of S3 Cloudformation Update support: encryption property. * Update type support for S3. Abstract base class for CloudFormation-aware models, as designed by @bblommers, introduced to decentralize CloudFormation resource and name property values to model objects. * Blackened... * Un-renamed param in s3.models.update_from_cloudformation_json() and its call to stay compatible with other modules. Co-authored-by: Bert Blommers <bblommers@users.noreply.github.com> Co-authored-by: Joseph Weitekamp <jweite@amazon.com> Co-authored-by: Bert Blommers <info@bertblommers.nl>
34 lines
1.2 KiB
Python
34 lines
1.2 KiB
Python
from collections import OrderedDict
|
|
|
|
|
|
def cfn_to_api_encryption(bucket_encryption_properties):
|
|
|
|
sse_algorithm = bucket_encryption_properties["ServerSideEncryptionConfiguration"][
|
|
0
|
|
]["ServerSideEncryptionByDefault"]["SSEAlgorithm"]
|
|
kms_master_key_id = bucket_encryption_properties[
|
|
"ServerSideEncryptionConfiguration"
|
|
][0]["ServerSideEncryptionByDefault"].get("KMSMasterKeyID")
|
|
apply_server_side_encryption_by_default = OrderedDict()
|
|
apply_server_side_encryption_by_default["SSEAlgorithm"] = sse_algorithm
|
|
if kms_master_key_id:
|
|
apply_server_side_encryption_by_default["KMSMasterKeyID"] = kms_master_key_id
|
|
rule = OrderedDict(
|
|
{"ApplyServerSideEncryptionByDefault": apply_server_side_encryption_by_default}
|
|
)
|
|
bucket_encryption = OrderedDict(
|
|
{"@xmlns": "http://s3.amazonaws.com/doc/2006-03-01/"}
|
|
)
|
|
bucket_encryption["Rule"] = rule
|
|
return bucket_encryption
|
|
|
|
|
|
def is_replacement_update(properties):
|
|
properties_requiring_replacement_update = ["BucketName", "ObjectLockEnabled"]
|
|
return any(
|
|
[
|
|
property_requiring_replacement in properties
|
|
for property_requiring_replacement in properties_requiring_replacement_update
|
|
]
|
|
)
|