add bucket encryption

Author: zhuxiaolong37

alibabacloud_oss_v2/__init__.py

@@ -21,6 +21,7 @@
 from .models.bucket_archive_direct_read import *
 from .models.bucket_cname import *
 from .models.bucket_cors import *
+from .models.bucket_encryption import *
 
 from .config import Config
 from .client import Client

alibabacloud_oss_v2/client.py

@@ -1186,3 +1186,45 @@ def option_object(self, request: models.OptionObjectRequest, **kwargs
         """
         return operations.option_object(self._client, request, **kwargs)
 
+
+    # bucket_encryption
+    def put_bucket_encryption(self, request: models.PutBucketEncryptionRequest, **kwargs
+                              ) -> models.PutBucketEncryptionResult:
+        """
+        Configures encryption rules for a bucket.
+
+        Args:
+            request (PutBucketEncryptionRequest): Request parameters for PutBucketEncryption operation.
+
+        Returns:
+            PutBucketEncryptionResult: Response result for PutBucketEncryption operation.
+        """
+        return operations.put_bucket_encryption(self._client, request, **kwargs)
+
+
+    def get_bucket_encryption(self, request: models.GetBucketEncryptionRequest, **kwargs
+                              ) -> models.GetBucketEncryptionResult:
+        """
+        Queries the encryption rules configured for a bucket.
+
+        Args:
+            request (GetBucketEncryptionRequest): Request parameters for GetBucketEncryption operation.
+
+        Returns:
+            GetBucketEncryptionResult: Response result for GetBucketEncryption operation.
+        """
+        return operations.get_bucket_encryption(self._client, request, **kwargs)
+
+
+    def delete_bucket_encryption(self, request: models.DeleteBucketEncryptionRequest, **kwargs
+                                 ) -> models.DeleteBucketEncryptionResult:
+        """
+        Deletes encryption rules for a bucket.
+
+        Args:
+            request (DeleteBucketEncryptionRequest): Request parameters for DeleteBucketEncryption operation.
+
+        Returns:
+            DeleteBucketEncryptionResult: Response result for DeleteBucketEncryption operation.
+        """
+        return operations.delete_bucket_encryption(self._client, request, **kwargs)

alibabacloud_oss_v2/models/__init__.py

@@ -9,3 +9,4 @@
 from .bucket_archive_direct_read import *
 from .bucket_cname import *
 from .bucket_cors import *
+from .bucket_encryption import *

alibabacloud_oss_v2/models/bucket_encryption.py

@@ -0,0 +1,168 @@
+from typing import Optional, Any
+from .. import serde
+
+
+class ApplyServerSideEncryptionByDefault(serde.Model):
+    """
+    The container that stores the default server-side encryption method.
+    """
+
+    _attribute_map = { 
+        'kms_master_key_id': {'tag': 'xml', 'rename': 'KMSMasterKeyID', 'type': 'str'},
+        'kms_data_encryption': {'tag': 'xml', 'rename': 'KMSDataEncryption', 'type': 'str'},
+        'sse_algorithm': {'tag': 'xml', 'rename': 'SSEAlgorithm', 'type': 'str'},
+    }
+
+    _xml_map = {
+        'name': 'ApplyServerSideEncryptionByDefault'
+    }
+
+    def __init__(
+        self,
+        kms_master_key_id: Optional[str] = None,
+        kms_data_encryption: Optional[str] = None,
+        sse_algorithm: Optional[str] = None,
+        **kwargs: Any
+    ) -> None:
+        """
+        kms_master_key_id (str, optional): The CMK ID that is specified when SSEAlgorithm is set to KMS and a specified CMK is used for encryption. In other cases, leave this parameter empty.
+        kms_data_encryption (str, optional): The algorithm that is used to encrypt objects. If this parameter is not specified, objects are encrypted by using AES256. This parameter is valid only when SSEAlgorithm is set to KMS. Valid value: SM4.
+        sse_algorithm (str, optional): The default server-side encryption method. Valid values: KMS, AES256, and SM4. You are charged when you call API operations to encrypt or decrypt data by using CMKs managed by KMS. For more information, see [Billing of KMS](~~52608~~). If the default server-side encryption method is configured for the destination bucket and ReplicaCMKID is configured in the CRR rule:*   If objects in the source bucket are not encrypted, they are encrypted by using the default encryption method of the destination bucket after they are replicated.*   If objects in the source bucket are encrypted by using SSE-KMS or SSE-OSS, they are encrypted by using the same method after they are replicated.For more information, see [Use data replication with server-side encryption](~~177216~~).
+        """
+        super().__init__(**kwargs)
+        self.kms_master_key_id = kms_master_key_id
+        self.kms_data_encryption = kms_data_encryption
+        self.sse_algorithm = sse_algorithm
+
+
+class ServerSideEncryptionRule(serde.Model):
+    """
+    The container that stores server-side encryption rules.
+    """
+
+    _attribute_map = { 
+        'apply_server_side_encryption_by_default': {'tag': 'xml', 'rename': 'ApplyServerSideEncryptionByDefault', 'type': 'ApplyServerSideEncryptionByDefault'},
+    }
+
+    _xml_map = {
+        'name': 'ServerSideEncryptionRule'
+    }
+
+    _dependency_map = { 
+        'ApplyServerSideEncryptionByDefault': {'new': lambda: ApplyServerSideEncryptionByDefault()},
+    }
+
+    def __init__(
+        self,
+        apply_server_side_encryption_by_default: Optional[ApplyServerSideEncryptionByDefault] = None,
+        **kwargs: Any
+    ) -> None:
+        """
+        apply_server_side_encryption_by_default (ApplyServerSideEncryptionByDefault, optional): The container that stores the default server-side encryption method.
+        """
+        super().__init__(**kwargs)
+        self.apply_server_side_encryption_by_default = apply_server_side_encryption_by_default
+
+
+
+
+class PutBucketEncryptionRequest(serde.RequestModel):
+    """
+    The request for the PutBucketEncryption operation.
+    """
+
+    _attribute_map = { 
+        'bucket': {'tag': 'input', 'position': 'host', 'rename': 'bucket', 'type': 'str', 'required': True},
+        'server_side_encryption_rule': {'tag': 'input', 'position': 'body', 'rename': 'ServerSideEncryptionRule', 'type': 'xml'},
+    }
+
+    def __init__(
+        self,
+        bucket: str = None,
+        server_side_encryption_rule: Optional[ServerSideEncryptionRule] = None,
+        **kwargs: Any
+    ) -> None:
+        """
+        bucket (str, required): The name of the bucket.
+        server_side_encryption_rule (ServerSideEncryptionRule, optional): The request body schema.
+        """
+        super().__init__(**kwargs)
+        self.bucket = bucket
+        self.server_side_encryption_rule = server_side_encryption_rule
+
+
+class PutBucketEncryptionResult(serde.ResultModel):
+    """
+    The request for the PutBucketEncryption operation.
+    """
+
+class GetBucketEncryptionRequest(serde.RequestModel):
+    """
+    The request for the GetBucketEncryption operation.
+    """
+
+    _attribute_map = { 
+        'bucket': {'tag': 'input', 'position': 'host', 'rename': 'bucket', 'type': 'str', 'required': True},
+    }
+
+    def __init__(
+        self,
+        bucket: str = None,
+        **kwargs: Any
+    ) -> None:
+        """
+        bucket (str, required): The name of the bucket.
+        """
+        super().__init__(**kwargs)
+        self.bucket = bucket
+
+
+class GetBucketEncryptionResult(serde.ResultModel):
+    """
+    The request for the GetBucketEncryption operation.
+    """
+
+    _attribute_map = { 
+        'server_side_encryption_rule': {'tag': 'output', 'position': 'body', 'rename': 'ServerSideEncryptionRule', 'type': 'ServerSideEncryptionRule,xml'},
+    }
+
+    _dependency_map = { 
+        'ServerSideEncryptionRule': {'new': lambda: ServerSideEncryptionRule()},
+    }
+
+    def __init__(
+        self,
+        server_side_encryption_rule: Optional[ServerSideEncryptionRule] = None,
+        **kwargs: Any
+    ) -> None:
+        """
+        server_side_encryption_rule (ServerSideEncryptionRule, optional): The container that stores server-side encryption rules.
+        """
+        super().__init__(**kwargs)
+        self.server_side_encryption_rule = server_side_encryption_rule
+
+class DeleteBucketEncryptionRequest(serde.RequestModel):
+    """
+    The request for the DeleteBucketEncryption operation.
+    """
+
+    _attribute_map = { 
+        'bucket': {'tag': 'input', 'position': 'host', 'rename': 'bucket', 'type': 'str', 'required': True},
+    }
+
+    def __init__(
+        self,
+        bucket: str = None,
+        **kwargs: Any
+    ) -> None:
+        """
+        bucket (str, required): The name of the bucket.
+        """
+        super().__init__(**kwargs)
+        self.bucket = bucket
+
+
+class DeleteBucketEncryptionResult(serde.ResultModel):
+    """
+    The request for the DeleteBucketEncryption operation.
+    """

alibabacloud_oss_v2/operations/__init__.py

@@ -7,4 +7,5 @@
 from .bucket_access_monitor import *
 from .bucket_archive_direct_read import *
 from .bucket_cname import *
-from .bucket_cors import *
+from .bucket_cors import *
+from .bucket_encryption import *

alibabacloud_oss_v2/operations/bucket_encryption.py

@@ -0,0 +1,131 @@
+# pylint: disable=line-too-long
+
+from ..types import OperationInput, CaseInsensitiveDict
+from .. import serde
+from .. import serde_utils
+from .. import models
+from .._client import _SyncClientImpl
+
+
+def put_bucket_encryption(client: _SyncClientImpl, request: models.PutBucketEncryptionRequest, **kwargs) -> models.PutBucketEncryptionResult:
+    """
+    put_bucket_encryption synchronously
+
+    Args:
+        client (_SyncClientImpl): A agent that sends the request.
+        request (PutBucketEncryptionRequest): The request for the PutBucketEncryption operation.
+
+    Returns:
+        PutBucketEncryptionResult: The result for the PutBucketEncryption operation.
+    """
+
+    op_input = serde.serialize_input(
+        request=request,
+        op_input=OperationInput(
+            op_name='PutBucketEncryption',
+            method='PUT',
+            headers=CaseInsensitiveDict({
+                'Content-Type': 'application/xml',
+            }),
+            parameters={ 
+                'encryption': '', 
+            },
+            bucket=request.bucket,
+            op_metadata={'sub-resource': ['encryption']},
+        ),
+        custom_serializer=[
+            serde_utils.add_content_md5
+        ]
+    )
+
+    op_output = client.invoke_operation(op_input, **kwargs)
+
+    return serde.deserialize_output(
+        result=models.PutBucketEncryptionResult(),
+        op_output=op_output,
+        custom_deserializer=[
+            serde.deserialize_output_xmlbody
+        ],
+    )
+
+def get_bucket_encryption(client: _SyncClientImpl, request: models.GetBucketEncryptionRequest, **kwargs) -> models.GetBucketEncryptionResult:
+    """
+    get_bucket_encryption synchronously
+
+    Args:
+        client (_SyncClientImpl): A agent that sends the request.
+        request (GetBucketEncryptionRequest): The request for the GetBucketEncryption operation.
+
+    Returns:
+        GetBucketEncryptionResult: The result for the GetBucketEncryption operation.
+    """
+
+    op_input = serde.serialize_input(
+        request=request,
+        op_input=OperationInput(
+            op_name='GetBucketEncryption',
+            method='GET',
+            headers=CaseInsensitiveDict({
+                'Content-Type': 'application/xml',
+            }),
+            parameters={ 
+                'encryption': '', 
+            },
+            bucket=request.bucket,
+            op_metadata={'sub-resource': ['encryption']},
+        ),
+        custom_serializer=[
+            serde_utils.add_content_md5
+        ]
+    )
+
+    op_output = client.invoke_operation(op_input, **kwargs)
+
+    return serde.deserialize_output(
+        result=models.GetBucketEncryptionResult(),
+        op_output=op_output,
+        custom_deserializer=[
+            serde.deserialize_output_xmlbody
+        ],
+    )
+
+def delete_bucket_encryption(client: _SyncClientImpl, request: models.DeleteBucketEncryptionRequest, **kwargs) -> models.DeleteBucketEncryptionResult:
+    """
+    delete_bucket_encryption synchronously
+
+    Args:
+        client (_SyncClientImpl): A agent that sends the request.
+        request (DeleteBucketEncryptionRequest): The request for the DeleteBucketEncryption operation.
+
+    Returns:
+        DeleteBucketEncryptionResult: The result for the DeleteBucketEncryption operation.
+    """
+
+    op_input = serde.serialize_input(
+        request=request,
+        op_input=OperationInput(
+            op_name='DeleteBucketEncryption',
+            method='DELETE',
+            headers=CaseInsensitiveDict({
+                'Content-Type': 'application/xml',
+            }),
+            parameters={ 
+                'encryption': '', 
+            },
+            bucket=request.bucket,
+            op_metadata={'sub-resource': ['encryption']},
+        ),
+        custom_serializer=[
+            serde_utils.add_content_md5
+        ]
+    )
+
+    op_output = client.invoke_operation(op_input, **kwargs)
+
+    return serde.deserialize_output(
+        result=models.DeleteBucketEncryptionResult(),
+        op_output=op_output,
+        custom_deserializer=[
+            serde.deserialize_output_xmlbody
+        ],
+    )