#api #security

yanked s3s-test

s3s test suite

0.0.0 Oct 11, 2024

#929 in #security

Apache-2.0

5KB

s3s

Apache 2.0 licensed Unsafe Forbidden

S3 Service Adapter

crate version docs
s3s Crates.io Docs
s3s-aws Crates.io Docs
s3s-fs Crates.io Docs

This experimental project intends to offer an ergonomic adapter for building S3-compatible services.

s3s implements Amazon S3 REST API in the form of a generic hyper service. S3-compatible services can focus on the S3 API itself and don't have to care about the HTTP layer.

s3s-aws provides useful types and integration with aws-sdk-s3.

s3s-fs implements the S3 API based on file system, as a sample implementation. It is designed for integration testing, which can be used to mock an S3 client. It also provides a binary for debugging. Play it!

How it works

architecture diagram

The diagram above shows how s3s works.

s3s converts HTTP requests to operation inputs before calling the user-defined service.

s3s converts operation outputs or errors to HTTP responses after calling the user-defined service.

The data types, serialization and deserialization are generated from the smithy model in aws-sdk-rust repository. We apply manual hacks to fix some problems in smithy server codegen and make s3s ready to use now.

Security

S3Service and other adapters in this project have no security protection. If they are exposed to the Internet directly, they may be attacked.

It is up to the user to implement security enhancements such as HTTP body length limit, rate limit and back pressure.

Contributing

Sponsor

We have a reward funds pool for contributors: https://github.com/Nugine/s3s/issues/174

If my open-source work has been helpful to you, please sponsor me.

Every little bit helps. Thank you!

No runtime deps