AWS Go SDK
This guide assumes that you have followed the steps in the Getting Started guide, and have the access keys available.
You may continue to use the AWS Go SDK as you normally would, but with the
endpoint set to https://fly.storage.tigris.dev
.
This example uses the AWS Go SDK v2 and
reads the default credentials file or the environment variables
AWS_ACCESS_KEY_ID
and AWS_SECRET_ACCESS_KEY
.
Getting started
package main
import (
"context"
"fmt"
"log"
"os"
"github.com/aws/aws-sdk-go-v2/aws"
"github.com/aws/aws-sdk-go-v2/config"
"github.com/aws/aws-sdk-go-v2/service/s3"
)
func main() {
sdkConfig, err := config.LoadDefaultConfig(context.TODO())
if err != nil {
log.Printf("Couldn't load default configuration. Here's why: %v\n", err)
return
}
// Create S3 service client
svc := s3.NewFromConfig(sdkConfig, func(o *s3.Options) {
o.BaseEndpoint = aws.String("https://fly.storage.tigris.dev")
o.Region = "auto"
})
// List buckets
result, err := svc.ListBuckets(context.TODO(), &s3.ListBucketsInput{})
if err != nil {
log.Printf("Unable to list buckets. Here's why: %v\n", err)
return
}
fmt.Println("Buckets:")
for _, b := range result.Buckets {
fmt.Printf("* %s created on %s\n",
aws.ToString(b.Name), aws.ToTime(b.CreationDate))
}
// Upload file
fmt.Println("Upload file:")
file, err := os.Open("bar.txt")
if err != nil {
log.Printf("Couldn't open file to upload. Here's why: %v\n", err)
return
} else {
defer file.Close()
_, err = svc.PutObject(context.TODO(), &s3.PutObjectInput{
Bucket: aws.String("foo-bucket"),
Key: aws.String("bar.txt"),
Body: file,
})
if err != nil {
log.Printf("Couldn't upload file. Here's why: %v\n", err)
}
}
}
Conditional operations
Below is an example of how to use the AWS Go SDK to perform conditional operations on objects in Tigris. The example reads an object, modifies it, and then writes it back to the bucket. The write operation is conditional on the object not being modified since it was read.
package main
import (
"bytes"
"context"
"io"
"log"
"github.com/aws/aws-sdk-go-v2/aws"
"github.com/aws/aws-sdk-go-v2/config"
"github.com/aws/aws-sdk-go-v2/service/s3"
"github.com/aws/smithy-go/transport/http"
)
func WithHeader(key, value string) func(*s3.Options) {
return func(options *s3.Options) {
options.APIOptions = append(options.APIOptions, http.AddHeaderValue(key, value))
}
}
func IfMatch(value string) func(*s3.Options) {
return WithHeader("If-Match", value)
}
func main() {
cfg, err := config.LoadDefaultConfig(context.TODO())
if err != nil {
log.Printf("Couldn't load default configuration. Here's why: %v\n", err)
return
}
// Create S3 service client
client := s3.NewFromConfig(cfg, func(o *s3.Options) {
o.BaseEndpoint = aws.String("https://fly.storage.tigris.dev")
o.Region = "auto"
})
// read
out, err := client.GetObject(context.TODO(),
&s3.GetObjectInput{
Bucket: aws.String("mybucket"),
Key: aws.String("mykey"),
},
WithHeader("x-tigris-cas", "true"),
)
if err != nil {
log.Fatalf("unable to read object: %v", err)
}
body, err := io.ReadAll(out.Body)
if err != nil {
log.Fatalf("unable to read object body: %v", err)
}
// modify
// write
out1, err := client.PutObject(context.TODO(),
&s3.PutObjectInput{
Bucket: aws.String("mybucket"),
Key: aws.String("mykey"),
Body: bytes.NewBuffer(body),
},
IfMatch(*out.ETag),
)
if err != nil {
log.Fatalf("unable to put object, %v", err)
}
log.Printf("mykey etag is %s", *out1.ETag)
}
Using presigned URLs
Presigned URLs can be used with the AWS Go SDK as follows:
package main
import (
"context"
"log"
"time"
"github.com/aws/aws-sdk-go-v2/aws"
v4 "github.com/aws/aws-sdk-go-v2/aws/signer/v4"
"github.com/aws/aws-sdk-go-v2/service/s3"
)
// Client encapsulates the S3 SDK presign client and provides methods to presign requests.
type Client struct {
PresignClient *s3.PresignClient
}
// GetObject makes a presigned request that can be used to get an object from a bucket.
func (p *Client) GetObject(
bucket string, key string, expireSecs int64,
) (*v4.PresignedHTTPRequest, error) {
request, err := p.PresignClient.PresignGetObject(context.TODO(), &s3.GetObjectInput{
Bucket: aws.String(bucket),
Key: aws.String(key),
}, func(opts *s3.PresignOptions) {
opts.Expires = time.Duration(expireSecs * int64(time.Second))
})
if err != nil {
log.Printf("Couldn't get a presigned request to get %v:%v. Here's why: %v\n",
bucket, key, err)
}
return request, err
}
// PutObject makes a presigned request that can be used to put an object in a bucket.
func (p *Client) PutObject(
bucket string, object string, expireSecs int64,
) (*v4.PresignedHTTPRequest, error) {
request, err := p.PresignClient.PresignPutObject(context.TODO(), &s3.PutObjectInput{
Bucket: aws.String(bucket),
Key: aws.String(object),
}, func(opts *s3.PresignOptions) {
opts.Expires = time.Duration(expireSecs * int64(time.Second))
})
if err != nil {
log.Printf("Couldn't get a presigned request to put %v:%v. Here's why: %v\n",
bucket, object, err)
}
return request, err
}
// DeleteObject makes a presigned request that can be used to delete an object from a bucket.
func (p *Client) DeleteObject(bucket string, object string) (*v4.PresignedHTTPRequest, error) {
request, err := p.PresignClient.PresignDeleteObject(context.TODO(), &s3.DeleteObjectInput{
Bucket: aws.String(bucket),
Key: aws.String(object),
})
if err != nil {
log.Printf("Couldn't get a presigned request to delete object %v. Here's why: %v\n", object, err)
}
return request, err
}
func main() {
sdkConfig, err := config.LoadDefaultConfig(context.TODO())
if err != nil {
log.Printf("Couldn't load default configuration. Here's why: %v\n", err)
return
}
// Create S3 service client
svc := s3.NewFromConfig(sdkConfig, func(o *s3.Options) {
o.BaseEndpoint = aws.String("https://fly.storage.tigris.dev")
o.Region = "auto"
})
// Presigning a request
ps := s3.NewPresignClient(svc)
presigner := &Client{PresignClient: ps}
// Presigned URL to upload an object to the bucket
presignedPutReq, err := presigner.PutObject("foo-bucket", "bar.txt", 60)
if err != nil {
log.Printf("Couldn't get a presigned request to put bar.txt. Here's why: %v\n", err)
} else {
fmt.Printf("Presigned URL for PUT: %s\n", presignedPutReq.URL)
}
// Presigned URL to download an object from the bucket
presignedGetReq, err := presigner.GetObject("foo-bucket", "bar.txt", 60)
if err != nil {
log.Printf("Couldn't get a presigned request to get bar.txt. Here's why: %v\n", err)
} else {
fmt.Printf("Presigned URL for GET: %s\n", presignedGetReq.URL)
}
}
You can now use the URL returned by the presignedPutReq.URL
and
presignedGetReq.URL
to upload or download objects.
Object Regions
Below is an example of how to use the AWS Go SDK to restrict
object region to Europe only(fra
region).
package main
import (
"bytes"
"context"
"crypto/rand"
"io"
"log"
"github.com/aws/aws-sdk-go-v2/aws"
"github.com/aws/aws-sdk-go-v2/config"
"github.com/aws/aws-sdk-go-v2/service/s3"
"github.com/aws/aws-sdk-go-v2/service/s3/types"
"github.com/aws/smithy-go/transport/http"
)
func WithHeader(key, value string) func(*s3.Options) {
return func(options *s3.Options) {
options.APIOptions = append(options.APIOptions, http.AddHeaderValue(key, value))
}
}
func putObjectToMultipleRegions(ctx context.Context, client *s3.Client, bucket string, key string, data []byte) error {
_, err := client.PutObject(
ctx,
&s3.PutObjectInput{
Bucket: aws.String(bucket),
Key: aws.String(key),
Body: bytes.NewReader(data),
ContentLength: aws.Int64(int64(len(data))),
},
// Restrict in Europe only
WithHeader("X-Tigris-Regions", "fra"),
)
return err
}
func putObjectUsingMultipartToMultipleRegions(ctx context.Context, client *s3.Client, bucket string, key string, data []byte) error {
co, err := client.CreateMultipartUpload(
ctx,
&s3.CreateMultipartUploadInput{
Bucket: aws.String(bucket),
Key: aws.String(key),
},
// Restrict in Europe only
WithHeader("X-Tigris-Regions", "fra"),
)
if err != nil {
return err
}
uo, err := client.UploadPart(
ctx,
&s3.UploadPartInput{
Bucket: aws.String(bucket),
Key: aws.String(key),
Body: bytes.NewReader(data),
UploadId: co.UploadId,
PartNumber: aws.Int32(1),
ContentLength: aws.Int64(int64(len(data))),
},
)
if err != nil {
return err
}
_, err = client.CompleteMultipartUpload(
ctx,
&s3.CompleteMultipartUploadInput{
Bucket: aws.String(bucket),
Key: aws.String(key),
UploadId: co.UploadId,
MultipartUpload: &types.CompletedMultipartUpload{
Parts: []types.CompletedPart{
{ETag: uo.ETag, PartNumber: aws.Int32(1)},
},
},
},
)
return err
}
func main() {
cfg, err := config.LoadDefaultConfig(context.TODO())
if err != nil {
log.Printf("Couldn't load default configuration. Here's why: %v\n", err)
return
}
// Create S3 service client
client := s3.NewFromConfig(cfg, func(o *s3.Options) {
o.BaseEndpoint = aws.String("https://fly.storage.tigris.dev")
o.Region = "auto"
})
var (
ctx = context.TODO()
bucket = "mybucket"
key = "mykey"
randData = make([]byte, 16384)
)
_, _ = rand.Read(randData)
// example of multiple regions using put
err = putObjectToMultipleRegions(ctx, client, bucket, key, randData)
if err != nil {
log.Fatalf("unable to write object: %v", err)
}
_, _ = rand.Read(randData)
// example of multiple regions using multipart
err = putObjectUsingMultipartToMultipleRegions(ctx, client, bucket, key, randData)
if err != nil {
log.Fatalf("unable to write object: %v", err)
}
// read
out, err := client.GetObject(context.TODO(),
&s3.GetObjectInput{
Bucket: aws.String(bucket),
Key: aws.String(key),
},
)
if err != nil {
log.Fatalf("unable to read object: %v", err)
}
_, err = io.ReadAll(out.Body)
if err != nil {
log.Fatalf("unable to read object body: %v", err)
}
}
Metadata Querying
Below is an example of how to use metadata querying with the AWS Go SDK.
package main
import (
"bytes"
"context"
"crypto/rand"
"io"
"log"
"github.com/aws/aws-sdk-go-v2/aws"
"github.com/aws/aws-sdk-go-v2/config"
"github.com/aws/aws-sdk-go-v2/service/s3"
"github.com/aws/smithy-go/transport/http"
)
func WithHeader(key, value string) func(*s3.Options) {
return func(options *s3.Options) {
options.APIOptions = append(options.APIOptions, http.AddHeaderValue(key, value))
}
}
func main() {
ctx := context.TODO()
cfg, err := config.LoadDefaultConfig(ctx)
if err != nil {
log.Printf("Couldn't load default configuration. Here's why: %v\n", err)
return
}
// Create S3 service client
client := s3.NewFromConfig(cfg, func(o *s3.Options) {
o.BaseEndpoint = aws.String("https://fly.storage.tigris.dev")
o.Region = "auto"
})
contentType := "text/javascript"
resp, err := client.ListObjectsV2WithContext(ctx, &s3.ListObjectsV2Input{
Bucket: "bucket-name",
}, request.WithSetRequestHeaders(map[string]string{
"X-Tigris-Query": fmt.Sprintf("`Content-Type` = \"%s\"", contentType),
}))
if err != nil {
log.Fatalf("unable to write object: %v", err)
}
for _, doc := range resp.Contents {
log.Printf("Doc found %s \n", doc.Key)
}
}
Webhook
Below is an example of how to use webhook with the AWS Go SDK.
type ObjectNotificationReq struct {
Events []*ObjectNotificationEvent `json:"events"`
}
type ObjectNotificationEvent struct {
EventVersion string `json:"eventVersion"`
EventSource string `json:"eventSource"`
EventName string `json:"eventName"`
EventTime string `json:"eventTime"`
Bucket string `json:"bucket"`
Object *EventObject `json:"object"`
}
type EventObject struct {
Key string `json:"key"`
Size int32 `json:"size"`
ETag string `json:"eTag"`
}
func eventReceiver(w http.ResponseWriter, r *http.Request) {
body, err := io.ReadAll(r.Body)
if err != nil {
http.Error(w, "Error reading request body", http.StatusInternalServerError)
return
}
defer r.Body.Close()
var req ObjectNotificationReq
err = json.Unmarshal(body, &req)
if err != nil {
http.Error(w, "Error unmarshalling request body", http.StatusInternalServerError)
return
}
fmt.Println("Events:")
for _, event := range req.Events {
fmt.Printf("time: %v, event: %v, bucket: %v, key: %v\n", event.EventTime, event.EventName, event.Bucket, event.Object.Key)
}
fmt.Fprint(w, "ok")
}
func basicAuth(next http.HandlerFunc, username, password string) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
auth := r.Header.Get("Authorization")
if auth == "" {
w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
http.Error(w, "Unauthorized", http.StatusUnauthorized)
return
}
payload, _ := base64.StdEncoding.DecodeString(strings.TrimPrefix(auth, "Basic "))
pair := strings.SplitN(string(payload), ":", 2)
if len(pair) != 2 || subtle.ConstantTimeCompare([]byte(pair[0]), []byte(username)) != 1 || subtle.ConstantTimeCompare([]byte(pair[1]), []byte(password)) != 1 {
http.Error(w, "Unauthorized", http.StatusUnauthorized)
return
}
next.ServeHTTP(w, r)
}
}
func tokenAuth(next http.HandlerFunc, token string) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
auth := r.Header.Get("Authorization")
if auth == "" || !strings.HasPrefix(auth, "Bearer ") || subtle.ConstantTimeCompare([]byte(strings.TrimPrefix(auth, "Bearer ")), []byte(token)) != 1 {
http.Error(w, "Unauthorized", http.StatusUnauthorized)
return
}
fmt.Println("token auth successful")
next.ServeHTTP(w, r)
}
}
func main() {
http.HandleFunc("/no-auth", eventReceiver)
http.HandleFunc("/basic-auth", basicAuth(eventReceiver, "user", "pass"))
http.HandleFunc("/token-auth", tokenAuth(eventReceiver, "secret-token-pass"))
log.Println("Server running on http://localhost:8080")
log.Fatal(http.ListenAndServe(":8080", nil))
}