This resource has been forked to add support for retrieving AWS credentials
from IAM instance profiles. That feature isn't going to be
implemented upstream at the moment, but the Concourse team are
looking at other ways to retrieve credentials in the future.
Please do not add additional features or bug fixes to this fork/branch
without first talking to the Tech Lead or Tech Architect on the Government
Docker Hub builds a container from the
gds branch. There is no
automated testing because the integration tests require credentials, so you
will need to run the tests yourself.
Versions objects in an S3 bucket, by pattern-matching filenames to identify
bucket: Required. The name of the bucket.
access_key_id: Optional. The AWS access key to use when accessing the
secret_access_key: Optional. The AWS secret key to use when accessing
region_name: Optional. The region the bucket is in. Defaults to
private: Optional. Indicates that the bucket is private, so that any
URLs provided are signed.
cloudfront_url: Optional. The URL (scheme and domain) of your CloudFront
distribution that is fronting this bucket (e.g
https://d5yxxxxx.cloudfront.net). This will affect
inwill ignore the
bucketname setting, exclusively using the
cloudfront_url. When configuring CloudFront with versioned buckets, set
Query String Forwarding and Cachingto
Forward all, cache based on allto
ensure S3 calls succeed.
endpoint: Optional. Custom endpoint for using S3 compatible provider.
disable_ssl: Optional. Disable SSL for the endpoint, useful for S3
compatible providers without SSL.
server_side_encryption: Optional. An encryption algorithm to use when
storing objects in S3.
sse_kms_key_id: Optional. The ID of the AWS KMS master encryption key
used for the object.
use_v2_signing: Optional. Use signature v2 signing, useful for S3 compatible providers that do not support v4.
One of the following two options must be specified:
regexp: Optional. The pattern to match filenames against within S3. The first
grouped match is used to extract the version, or if a group is explicitly
version, that group is used. At least one capture group must be
specified, with parentheses.
The version extracted from this pattern is used to version the resource.
Semantic versions, or just numbers, are supported. Accordingly, full regular
expressions are supported, to specify the capture groups.
versioned_file: Optional If you enable versioning for your S3 bucket then
you can keep the file name the same and upload new versions of your file
without resorting to version numbers. This property is the path to the file
in your S3 bucket.
check: Extract versions from the bucket.
Objects will be found via the pattern configured by
regexp. The versions
will be used to order them (using semver). Each
object's filename is the resulting version.
in: Fetch an object from the bucket.
Places the following files in the destination:
(filename): The file fetched from the bucket.
url: A file containing the URL of the object. If
privateis true, this
URL will be signed.
version: The version identified in the file name.
out: Upload an object to the bucket.
Given a file specified by
file, upload it to the S3 bucket. If
specified, the new file will be uploaded to the directory that the regex
searches in. If
versioned_file is specified, the new file will be uploaded as
a new version of that file.
file: Required. Path to the file to upload, provided by an output of a task.
If multiple files are matched by the glob, an error is raised. The file which
matches will be placed into the directory structure on S3 as defined in
in the resource definition. The matching syntax is bash glob expansion, so
no capture groups, etc.
acl: Optional. Canned Acl
for the uploaded object.
- name: release type: s3 source: bucket: releases regexp: directory_on_s3/release-(.*).tgz access_key_id: ACCESS-KEY secret_access_key: SECRET
- get: release
- put: release params: file: path/to/release-*.tgz acl: public-read
Required IAM Permissions
Everything above and...
Developing on this resource
First get the resource via:
go get github.com/concourse/s3-resource