seaweedFS/weed/pb/s3.proto

syntax = "proto3";

package messaging_pb;

option go_package = "github.com/seaweedfs/seaweedfs/weed/pb/s3_pb";
option java_package = "seaweedfs.client";
option java_outer_classname = "S3Proto";

//////////////////////////////////////////////////

import "iam.proto";

// Designed for unidirectional propagation from Filer to S3 Servers
service SeaweedS3IamCache {
    rpc PutIdentity (iam_pb.PutIdentityRequest) returns (iam_pb.PutIdentityResponse);
    rpc RemoveIdentity (iam_pb.RemoveIdentityRequest) returns (iam_pb.RemoveIdentityResponse);
    rpc PutPolicy (iam_pb.PutPolicyRequest) returns (iam_pb.PutPolicyResponse);
    rpc GetPolicy (iam_pb.GetPolicyRequest) returns (iam_pb.GetPolicyResponse);
    rpc ListPolicies (iam_pb.ListPoliciesRequest) returns (iam_pb.ListPoliciesResponse);
    rpc DeletePolicy (iam_pb.DeletePolicyRequest) returns (iam_pb.DeletePolicyResponse);
}

//////////////////////////////////////////////////

message S3CircuitBreakerConfig {
    S3CircuitBreakerOptions global=1;
    map<string, S3CircuitBreakerOptions> buckets= 2;
}

message S3CircuitBreakerOptions {
    bool enabled=1;
    map<string, int64> actions = 2;
}

//////////////////////////////////////////////////
// Bucket Metadata

message CORSRule {
    repeated string allowed_headers = 1;
    repeated string allowed_methods = 2;
    repeated string allowed_origins = 3;
    repeated string expose_headers = 4;
    int32 max_age_seconds = 5;
    string id = 6;
}

message CORSConfiguration {
    repeated CORSRule cors_rules = 1;
}

message BucketMetadata {
    map<string, string> tags = 1;
    CORSConfiguration cors = 2;
    EncryptionConfiguration encryption = 3;
}

message EncryptionConfiguration {
    string sse_algorithm = 1; // "AES256" or "aws:kms"
    string kms_key_id = 2; // KMS key ID (optional for aws:kms)
    bool bucket_key_enabled = 3; // S3 Bucket Keys optimization
}