Update documentation for supported bucket types #1176

vladem · 2024-11-29T09:38:36Z

Update the documentation to enumerate supported bucket types.

Does this change impact existing behavior?

No.

Does this change need a changelog entry?

No.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and I agree to the terms of the Developer Certificate of Origin (DCO).

Signed-off-by: Vlad Volodkin <vlaad@amazon.com>

passaro · 2024-11-29T10:38:47Z

doc/CONFIGURATION.md

@@ -105,6 +105,10 @@ Mountpoint also respects access control lists (ACLs) applied to objects in your

 By default, Mountpoint will automatically mount your S3 bucket given only the bucket name, and will automatically select the appropriate S3 HTTPS endpoint. However, you can override this automation if you need finer control over how Mountpoint connects to your bucket.

+### S3 Bucket Types


nit: lower case for consistency with other sections

passaro · 2024-11-29T10:50:13Z

doc/CONFIGURATION.md

@@ -105,6 +105,10 @@ Mountpoint also respects access control lists (ACLs) applied to objects in your

 By default, Mountpoint will automatically mount your S3 bucket given only the bucket name, and will automatically select the appropriate S3 HTTPS endpoint. However, you can override this automation if you need finer control over how Mountpoint connects to your bucket.

+### S3 Bucket Types
+
+Mountpoint for Amazon S3 supports the following S3 bucket types: general purpose and directory. For more information on general purpose bucket naming rules see [here](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html), and for directory buckets see [here](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html).


Before pointing to the guide, should we provide examples? e.g. amzn-s3-demo-bucket vs amzn-s3-demo-bucket--az_id--x-s3

It would make it clear that users have to provide the "full" bucket name, including the suffix for directory buckets.

A little related to my comment on the purpose of these docs (https://github.com/awslabs/mountpoint-s3/pull/1176/files#r1863577958), I think we should be explicit with the intention. If we want to help customers understand how to use these buckets, then giving examples would be good.

For instance, we should recommend to customers to provide the bucket name including any suffix.

Again if this is the purpose, we should also mention that S3 Object Lambda can be used (and maybe Multi-Region Access Points) and link to their configuration sections.

dannycjones · 2024-11-29T14:09:00Z

doc/CONFIGURATION.md

@@ -105,6 +105,10 @@ Mountpoint also respects access control lists (ACLs) applied to objects in your

 By default, Mountpoint will automatically mount your S3 bucket given only the bucket name, and will automatically select the appropriate S3 HTTPS endpoint. However, you can override this automation if you need finer control over how Mountpoint connects to your bucket.

+### S3 Bucket Types
+
+Mountpoint for Amazon S3 supports the following S3 bucket types: general purpose and directory. For more information on general purpose bucket naming rules see [here](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html), and for directory buckets see [here](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html).


What's the purpose of this documentation? If its just to state that we support them, I'd recommend we just link out to overview of that bucket type like this one: https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-overview.html

Signed-off-by: Vlad Volodkin <vlaad@amazon.com>

Update CRT submodules to latest releases <details> <summary>Full CRT changes</summary> ``` Submodule mountpoint-s3-crt-sys/crt/aws-c-common fadfef4..7a6f5df: > Fix dependency build failure on old cmake versions (#1176) Submodule mountpoint-s3-crt-sys/crt/aws-c-s3 337155f..1c80418: > Improve Copy Operation by taking the Source URI (#482) > Auto - Update S3 Ruleset & Partition (#483) > Fix CI for GCC-13 on Ubuntu-18 (#479) > [s3_client]: retry on failed TLS negotiation (#478) > [s3_meta_request]: Retry on ExpiredToken (#472) > Remove Extra Platform Info That Is Not Used (#475) > Respect checksum header over settings from options (#474) > Add full object checksum callback (#473) Submodule mountpoint-s3-crt-sys/crt/aws-c-sdkutils ce09f79..1ae8664: > Update Config File Parsing Logic to Parse Services Section (#51) > Switch CI to use Roles (#49) Submodule mountpoint-s3-crt-sys/crt/aws-lc 5982853..697acc6: > Prepare release v1.42.0 (#2094) > alignas(16) unsupported w/ GCC 7.2 for ARM32 (#2086) > Update ML-KEM's internal header files to use unique include guards (#2078) > Provide FIPS_is_entropy_cpu_jitter() (#2088) > CMake, use 'NOT WIN32' instead of 'UNIX' (#2075) > Only need libunwind for testing (#2093) > Add more logging for SSL_ERROR_SYSCALL errors in bssl_shim.cc (#2079) > Add more test coverage for Ruby/OpenSSL gem (#2085) > aws-lc-rs scripts now use nightly (#2087) > ML-DSA unique names (#2072) > Fix python tests for upstream PR 128036 (#2080) > Remove algorithms from testmodulewrapper that are now used in the real modulewrapper (#2069) > Fix tpm2-tss CI job (#2076) > [EC] ec_nistp P-256 C scalar_mul_{base|public} (#2033) > No PR license statement check on a merge (#2074) > Migrate 1st batch of CI jobs to CodeBuild (#2067) > Ensure PQDSA test suite has length checks on input signatures and public keys (#2062) > Fix CI for aws-lc-rs (#2073) > Upstream merge 2024 12 13 (#2060) > Modified posix builds to enable dilithium by default (#2034) > Extend documentation for basic BN_foo functions (#2066) > Add PKCS7_print_ctx as a no-op (#2064) > Update BoringSSL benchmark to use C++17 (#2063) > Prune hanging instances longer than 2 hours (#2061) > Add fuzz testing for PKCS7_verify (#2051) > [EC] Use s2n-bignum's modular inversion for P-256/384/521 (#2057) > Fuzzing PKCS7 encrypted inputs (#2027) > Add integration script and CI for ruby 3.1 and 3.2 (#1563) > Bring in testing changes from upstream commit 5ee4e95 (#2048) > [EC] P-256/384/521 s2n-bignum scalar multiplication (#2036) > Use older image with gcc-13 for alpine linux ci (#2054) > Just use releasecheck with tcpdump ci (#2055) > Address fips hash using adrp instead of adr to increase reach (#2053) > Prepare release 1.41.1 (#2052) > s2n-bignum update 2024-12-10 (#2050) > Fix RSAZABI test and enable IFMA based RSA on Windows (#1869) > Upstream merge 2024 12 02 (#2030) > Update FIPS v3.0 draft security policy (#2047) > Switch ML-DSA to use AWS-LC SHA3 (#2001) > Added FIPS 204 documentation, cleanse intermediate values (#2017) > Link to NIST website (#2045) > Prevent accidental null dereference (#2046) > Deprecate recently added PKCS7 functions (#2039) > Allow build on Solaris (#2035) > Use SHA256 as default digest for OCSP signing (#2038) > Add blowfish names to EVP_CIPHER API (#2041) > Initialize arrays as arrays (#2042) > Add AWS-LC-FIPS v3.0 policy docs (#2043) > Implement PKCS7_verify, update PKCS7_sign (#1993) > Move PQDSA to FIPS module (#2032) > Only abort when RSA PWCT fail in FIPS (#2020) > Revert "Trim some redundant Arm feature detection files" (#1979) > Fix perl handling of paths w/ spaces (#2005) > Upstream merge 2024 11 18 (#2012) > Fix CI issues with ML-DSA (#2031) > strdup is not C99 (#2008) > Add ML-DSA-44 and ML-DSA-87 to PQDSA API (#2009) > Coverity fixes for P173127397 (#2014) > Fix strongSwan CI (#2028) > Ran minimise_corpora.sh (#2024) > Expose BN_set_flags as a no-op (#2021) > Fix segfault in PKCS7 test (#2025) > Update aws-lc-nginx.patch for nginx v1.27.3 (#2023) > Fix python 3.13 patch (#2026) > Allow constructed strings in BER parsing (#2015) Submodule mountpoint-s3-crt-sys/crt/s2n-tls 493b771..2e79e7e: > refactor(bench): remove historical benchmarks (#4940) > fix: pem parsing detection of last cert errors (#4908) > docs: specify s2n_blob growable conditions (#4943) > chore(bindings): move tokio examples to dedicated folder (#4954) > chore: fix GHA for merge-queue (#4973) > chore(binding): release 0.3.8 (#4969) > (chore): Installs Nix in AL2023 Buildspec (#4934) > build(deps): bump the all-gha-updates group in /.github/workflows with 5 updates (#4961) > feat(s2n-tls-hyper): Add support for negotiating HTTP/2 (#4924) > tests: allow TLS1.2 with RSA-PSS certs in integ tests (#4949) > ci: update CRT test ubuntu version to ubuntu24 (#4964) > feat(bindings): enable application owned certs (#4937) > ci: batch dependabot updates (#4959) > ci(refactor): deprecate Omnibus (#4953) > build(deps): bump actions/cache from 2.1.4 to 4.1.2 in /.github/workflows (#4928) > build(deps): bump peaceiris/actions-gh-pages from 3 to 4 in /.github/workflows (#4921) > build(deps): bump cross-platform-actions/action from 0.23.0 to 0.26.0 in /.github/workflows (#4951) > build(deps): bump github/codeql-action from 2 to 3 in /.github/workflows (#4917) > ci: add change directory to third-party-src logic (#4950) > feat: TLS1.2 support for RSA-PSS certificates (#4927) > feat: feature probe S2N_LIBCRYPTO_SUPPORTS_ENGINE (#4878) > test(bindings): run unit tests under asan (#4948) > ci(refactor): remove ASAN from Omnibus and GeneralBatch (#4946) > ci(refactor): remove fuzz tests from Omnibus (#4945) > refactor: add a s2n_libcrypto_is_openssl() helper function (#4930) > fix(s2n-tls-hyper): Add proper IPv6 address formatting (#4938) > ci: add openssl-1.0.2-fips to fuzz test (#4942) > ci(refactor): remove Valgrind checks from omnibus and generalBatch (#4913) > fix(bindings): address clippy issues from 1.83 (#4941) > test: pin tests to explicit TLS 1.2/TLS 1.3 policy (#4926) > (chore): Fixes team-label github action (#4935) > chore: add new team member (#4939) > upgrade cmake version to 3.9 (#4933) > ci: add awslc-fips and openssl-1.0.2-fips to valgrind (#4912) > chore(bindings): feature gate network testsa and relax http status assertions (#4907) > chore: Ocsp timeout adjustment (#4866) > build(deps): bump aws-actions/configure-aws-credentials from 4.0.1 to 4.0.2 in /.github/workflows (#4892) > test: expand s2n_record_read testing to both TLS1.3 and TLS1.2 (#4903) > test: pin optional client auth test to a TLS 1.2 policy (#4914) > feat: add alert mappings for certificate errors (#4919) > doc: document generating bindings with prebuilt libs2n (#4872) > ci: Move kTLS test out of GeneralBatch (#4904) > build(deps): bump actions/checkout from 3 to 4 in /.github/workflows (#4888) > test(s2n-tls-hyper): matching on s2n-tls error (#4906) > build(deps): bump nixbuild/nix-quick-install-action from 21 to 29 in /.github/workflows (#4890) > build(deps): bump JulienKode/team-labeler-action from 0.1.1 to 1.3 in /.github/workflows (#4889) > tests: pin tests to a numbered TLS1.2 policy (#4905) > test: remove load system certs functionality for s2n_default_tls13_config (#4897) > doc: add information about s2n-tls software architecture (#4868) > ci: grant dependabot status update permissions (#4898) > ci: fixes for cargo audit (#4895) > test(s2n-tls-hyper): Add localhost http tests (#4838) > test: add rust well-known-endpoint tests (#4884) > chore: bindings release 0.3.7 (#4894) > chore: add a cargo audit action (#4862) > ci: add open fds valgrind check (#4851) ``` </details> </details> ### Does this change impact existing behavior? No. ### Does this change need a changelog entry? No. --- By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and I agree to the terms of the [Developer Certificate of Origin (DCO)](https://developercertificate.org/). --------- Signed-off-by: Ilya Isaev <iisaev@amazon.com> Co-authored-by: Ilya Isaev <iisaev@amazon.com>

Update documentation for supported bucket types

8cfc0e4

Signed-off-by: Vlad Volodkin <vlaad@amazon.com>

vladem had a problem deploying to PR integration tests November 29, 2024 09:38 — with GitHub Actions Failure

vladem requested a review from passaro November 29, 2024 09:38

muddyfish previously approved these changes Nov 29, 2024

View reviewed changes

passaro reviewed Nov 29, 2024

View reviewed changes

dannycjones reviewed Nov 29, 2024

View reviewed changes

vladem dismissed muddyfish’s stale review via 8cfc0e4 November 29, 2024 14:51

vladem force-pushed the bucket-types-doc branch from dbca8d1 to 8cfc0e4 Compare November 29, 2024 14:51

vladem had a problem deploying to PR integration tests November 29, 2024 14:51 — with GitHub Actions Failure

vladem had a problem deploying to PR integration tests November 29, 2024 14:52 — with GitHub Actions Failure

Fix case

71b49a6

Signed-off-by: Vlad Volodkin <vlaad@amazon.com>

vladem had a problem deploying to PR integration tests November 29, 2024 14:52 — with GitHub Actions Failure

Add examples, mention access points

71b0eac

Signed-off-by: Vlad Volodkin <vlaad@amazon.com>

vladem temporarily deployed to PR integration tests November 29, 2024 15:59 — with GitHub Actions Inactive

passaro previously approved these changes Nov 29, 2024

View reviewed changes

Update documentation

5117f06

Signed-off-by: Vlad Volodkin <vlaad@amazon.com>

vladem dismissed passaro’s stale review via 5117f06 December 2, 2024 09:22

vladem temporarily deployed to PR integration tests December 2, 2024 09:22 — with GitHub Actions Inactive

vladem requested review from passaro and dannycjones December 2, 2024 09:23

Update documentation

03e5eca

Signed-off-by: Vlad Volodkin <vlaad@amazon.com>

vladem temporarily deployed to PR integration tests December 2, 2024 09:27 — with GitHub Actions Inactive

passaro approved these changes Dec 2, 2024

View reviewed changes

vladem added this pull request to the merge queue Dec 2, 2024

Merged via the queue into awslabs:main with commit 59f7ba5 Dec 2, 2024
23 checks passed

vladem deleted the bucket-types-doc branch December 2, 2024 10:16

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update documentation for supported bucket types #1176

Update documentation for supported bucket types #1176

vladem commented Nov 29, 2024 •

edited

Loading

passaro Nov 29, 2024

passaro Nov 29, 2024

dannycjones Nov 29, 2024

dannycjones Nov 29, 2024

		@@ -105,6 +105,10 @@ Mountpoint also respects access control lists (ACLs) applied to objects in your

		By default, Mountpoint will automatically mount your S3 bucket given only the bucket name, and will automatically select the appropriate S3 HTTPS endpoint. However, you can override this automation if you need finer control over how Mountpoint connects to your bucket.

		### S3 Bucket Types

Update documentation for supported bucket types #1176

Update documentation for supported bucket types #1176

Conversation

vladem commented Nov 29, 2024 • edited Loading

Does this change impact existing behavior?

Does this change need a changelog entry?

passaro Nov 29, 2024

Choose a reason for hiding this comment

passaro Nov 29, 2024

Choose a reason for hiding this comment

dannycjones Nov 29, 2024

Choose a reason for hiding this comment

dannycjones Nov 29, 2024

Choose a reason for hiding this comment

vladem commented Nov 29, 2024 •

edited

Loading