scality · benzekrimaha · Oct 28, 2025 · Oct 28, 2025 · Oct 28, 2025 · Oct 28, 2025
diff --git a/package.json b/package.json
@@ -22,7 +22,9 @@
     "@aws-sdk/client-s3": "^3.908.0",
     "@aws-sdk/credential-providers": "^3.864.0",
     "@aws-sdk/middleware-retry": "^3.374.0",
+    "@aws-sdk/protocol-http": "^3.374.0",
     "@aws-sdk/s3-request-presigner": "^3.901.0",
+    "@aws-sdk/signature-v4": "^3.374.0",
     "@azure/storage-blob": "^12.28.0",
     "@hapi/joi": "^17.1.1",
     "@smithy/node-http-handler": "^3.0.0",

diff --git a/tests/functional/aws-node-sdk/test/bucket/aclUsingPredefinedGroups.js b/tests/functional/aws-node-sdk/test/bucket/aclUsingPredefinedGroups.js
diff --git a/tests/functional/aws-node-sdk/test/bucket/bucketPolicyWithResourceStatements.js b/tests/functional/aws-node-sdk/test/bucket/bucketPolicyWithResourceStatements.js
@@ -1,10 +1,13 @@
 const assert = require('assert');
-const AWS = require('aws-sdk');
+const {
+    PutBucketPolicyCommand,
+    ListObjectsCommand,
+    GetObjectCommand,
+    PutObjectCommand } = require('@aws-sdk/client-s3');
 const { errorInstances } = require('arsenal');
 
 const withV4 = require('../support/withV4');
 const BucketUtility = require('../../lib/utility/bucket-util');
-const { VALIDATE_CREDENTIALS, SIGN } = AWS.EventListeners.Core;
 
 withV4(sigCfg => {
     const ownerAccountBucketUtil = new BucketUtility('default', sigCfg);
@@ -13,13 +16,33 @@ withV4(sigCfg => {
 
     function awsRequest(auth, operation, params, callback) {
         if (auth) {
-            ownerAccountBucketUtil.s3[operation](params, callback);
+            // Use authenticated client
+            const commandMap = {
+                'listObjects': ListObjectsCommand,
+                'getObject': GetObjectCommand,
+                'putObject': PutObjectCommand,
+            };
+            const CommandCtor = commandMap[operation];
+            ownerAccountBucketUtil.s3.send(new CommandCtor(params))
+                .then(data => callback(null, data))
+                .catch(err => callback(err));
         } else {
-            const bucketUtil = new BucketUtility('default', sigCfg);
-            const request = bucketUtil.s3[operation](params);
-            request.removeListener('validate', VALIDATE_CREDENTIALS);
-            request.removeListener('sign', SIGN);
-            request.send(callback);
+            // Create unauthenticated client
+            const unauthClient = new BucketUtility('default', {
+                ...sigCfg,
+                credentials: { accessKeyId: '', secretAccessKey: '' },
+                forcePathStyle: true,
+                signer: { sign: async request => request },
+            });
+            const commandMap = {
+                'listObjects': ListObjectsCommand,
+                'getObject': GetObjectCommand,
+                'putObject': PutObjectCommand,
+            };
+            const CommandCtor = commandMap[operation];
+            unauthClient.s3.send(new CommandCtor(params))
+                .then(data => callback(null, data))
+                .catch(err => callback(err));
         }
     }
 
@@ -32,7 +55,7 @@ withV4(sigCfg => {
 
     function cbWithError(done) {
         return err => {
-            assert.strictEqual(err.statusCode, errorInstances.AccessDenied.code);
+            assert.strictEqual(err.$metadata.httpStatusCode, errorInstances.AccessDenied.code);
             done();
         };
     }
@@ -54,11 +77,11 @@ withV4(sigCfg => {
                 Version: '2012-10-17',
                 Statement: [statement],
             };
-            s3.putBucketPolicy({
+            s3.send(new PutBucketPolicyCommand({
                 Bucket: testBuckets[0],
                 Policy: JSON.stringify(bucketPolicy),
-            }, err => {
-                assert.ifError(err);
+            }))
+            .then(() => {
                 const param = { Bucket: testBuckets[0] };
                 awsRequest(true, 'listObjects', param, cbNoError(done));
             });
@@ -76,11 +99,11 @@ withV4(sigCfg => {
                 Version: '2012-10-17',
                 Statement: [statement],
             };
-            s3.putBucketPolicy({
+            s3.send(new PutBucketPolicyCommand({
                 Bucket: testBuckets[0],
                 Policy: JSON.stringify(bucketPolicy),
-            }, err => {
-                assert.ifError(err);
+            }))
+            .then(() => {
                 const param = { Bucket: testBuckets[1] };
                 awsRequest(false, 'listObjects', param, cbWithError(done));
             });
@@ -98,11 +121,11 @@ withV4(sigCfg => {
                 Version: '2012-10-17',
                 Statement: [statement],
             };
-            s3.putBucketPolicy({
+            s3.send(new PutBucketPolicyCommand({
                 Bucket: testBuckets[0],
                 Policy: JSON.stringify(bucketPolicy),
-            }, err => {
-                assert.ifError(err);
+            }))
+            .then(() => {
                 const param = { Bucket: testBuckets[0] };
                 awsRequest(false, 'listObjects', param, cbWithError(done));
             });
@@ -122,23 +145,21 @@ withV4(sigCfg => {
                 Version: '2012-10-17',
                 Statement: [statement],
             };
-            s3.putBucketPolicy({
+            s3.send(new PutBucketPolicyCommand({
                 Bucket: testBuckets[0],
                 Policy: JSON.stringify(bucketPolicy),
-            }, err => {
-                assert.ifError(err);
-                s3.putObject({
+            }))
+            .then(() => s3.send(new PutObjectCommand({
                     Bucket: testBuckets[0],
                     Body: testBody,
                     Key: testKey,
-                }, er => {
-                    assert.ifError(er);
-                    const param = {
-                        Bucket: testBuckets[0],
-                        Key: testKey,
-                    };
-                    awsRequest(false, 'getObject', param, cbNoError(done));
-                });
+                })))
+            .then(() => {
+                const param = {
+                    Bucket: testBuckets[0],
+                    Key: testKey,
+                };
+                awsRequest(false, 'getObject', param, cbNoError(done));
             });
         });
 
@@ -156,23 +177,21 @@ withV4(sigCfg => {
                 Version: '2012-10-17',
                 Statement: [statement],
             };
-            s3.putBucketPolicy({
+            s3.send(new PutBucketPolicyCommand({
                 Bucket: testBuckets[0],
                 Policy: JSON.stringify(bucketPolicy),
-            }, err => {
-                assert.ifError(err);
-                s3.putObject({
+            }))
+            .then(() => s3.send(new PutObjectCommand({
                     Bucket: testBuckets[0],
                     Body: testBody,
                     Key: testKey,
-                }, er => {
-                    assert.ifError(er);
-                    const param = {
-                        Bucket: testBuckets[0],
-                        Key: testKey,
-                    };
-                    awsRequest(false, 'getObject', param, cbNoError(done));
-                });
+                })))
+            .then(() => {
+                const param = {
+                    Bucket: testBuckets[0],
+                    Key: testKey,
+                };
+                awsRequest(false, 'getObject', param, cbNoError(done));
             });
         });
 
@@ -190,23 +209,21 @@ withV4(sigCfg => {
                 Version: '2012-10-17',
                 Statement: [statement],
             };
-            s3.putBucketPolicy({
+            s3.send(new PutBucketPolicyCommand({
                 Bucket: testBuckets[0],
                 Policy: JSON.stringify(bucketPolicy),
-            }, err => {
-                assert.ifError(err);
-                s3.putObject({
+            }))
+            .then(() => s3.send(new PutObjectCommand({
                     Bucket: testBuckets[0],
                     Body: testBody,
                     Key: testKey,
-                }, er => {
-                    assert.ifError(er);
-                    const param = {
-                        Bucket: testBuckets[0],
-                        Key: testKey,
-                    };
-                    awsRequest(false, 'getObject', param, cbWithError(done));
-                });
+                })))
+            .then(() => {
+                const param = {
+                    Bucket: testBuckets[0],
+                    Key: testKey,
+                };
+                awsRequest(false, 'getObject', param, cbWithError(done));
             });
         });
 
@@ -223,11 +240,11 @@ withV4(sigCfg => {
                 Version: '2012-10-17',
                 Statement: [statement],
             };
-            s3.putBucketPolicy({
+            s3.send(new PutBucketPolicyCommand({
                 Bucket: testBuckets[0],
                 Policy: JSON.stringify(bucketPolicy),
-            }, err => {
-                assert.ifError(err);
+            }))
+            .then(() => {
                 const param = {
                     Bucket: testBuckets[0],
                     Key: 'invalidkey',
@@ -249,11 +266,11 @@ withV4(sigCfg => {
                 Version: '2012-10-17',
                 Statement: [statement],
             };
-            s3.putBucketPolicy({
+            s3.send(new PutBucketPolicyCommand({
                 Bucket: testBuckets[0],
                 Policy: JSON.stringify(bucketPolicy),
-            }, err => {
-                assert.ifError(err);
+            }))
+            .then(() => {
                 const param = {
                     Bucket: testBuckets[1],
                     Key: 'invalidkey',

diff --git a/tests/functional/aws-node-sdk/test/bucket/deleteBucketLifecycle.js b/tests/functional/aws-node-sdk/test/bucket/deleteBucketLifecycle.js
@@ -1,9 +1,13 @@
 const assert = require('assert');
 const { errors } = require('arsenal');
-const { S3 } = require('aws-sdk');
+const { S3Client,
+    CreateBucketCommand,
+    DeleteBucketCommand,
+    DeleteBucketLifecycleCommand,
+    PutBucketLifecycleConfigurationCommand,
+    GetBucketLifecycleConfigurationCommand } = require('@aws-sdk/client-s3');
 
 const getConfig = require('../support/config');
-const BucketUtility = require('../../lib/utility/bucket-util');
 
 const bucket = 'lifecycledeletetestbucket';
 const basicRule = {
@@ -16,17 +20,16 @@ const basicRule = {
 };
 
 // Check for the expected error response code and status code.
-function assertError(err, expectedErr, cb) {
+function assertError(err, expectedErr) {
     if (expectedErr === null) {
         assert.strictEqual(err, null, `expected no error but got '${err}'`);
     } else {
-        assert.strictEqual(err.code, expectedErr, 'incorrect error response ' +
-            `code: should be '${expectedErr}' but got '${err.code}'`);
-        assert.strictEqual(err.statusCode, errors[expectedErr].code,
+        assert.strictEqual(err.name, expectedErr, 'incorrect error response ' +
+            `code: should be '${expectedErr}' but got '${err.Code}'`);
+        assert.strictEqual(err.$metadata.httpStatusCode, errors[expectedErr].code,
             'incorrect error status code: should be 400 but got ' +
-            `'${err.statusCode}'`);
+            `'${err.$metadata.httpStatusCode}'`);
     }
-    cb();
 }
 
 describe('aws-sdk test delete bucket lifecycle', () => {
@@ -35,43 +38,51 @@ describe('aws-sdk test delete bucket lifecycle', () => {
 
     before(done => {
         const config = getConfig('default', { signatureVersion: 'v4' });
-        s3 = new S3(config);
-        otherAccountS3 = new BucketUtility('lisa', {}).s3;
+        s3 = new S3Client(config);
+        const otherAccountConfig = getConfig('lisa', {});
+        otherAccountS3 = new S3Client(otherAccountConfig);
         return done();
     });
 
-    it('should return NoSuchBucket error if bucket does not exist', done => {
-        s3.deleteBucketLifecycle({ Bucket: bucket }, err =>
-            assertError(err, 'NoSuchBucket', done));
+    it('should return NoSuchBucket error if bucket does not exist', async () => {
+        try {
+            await s3.send(new DeleteBucketLifecycleCommand({ Bucket: bucket }));
+            // Should not reach here
+            throw new Error('Expected NoSuchBucket error');
+        } catch (err) {
+            assertError(err, 'NoSuchBucket');
+        }
     });
 
     describe('config rules', () => {
-        beforeEach(done => s3.createBucket({ Bucket: bucket }, done));
+        beforeEach(() => s3.send(new CreateBucketCommand({ Bucket: bucket })));
 
-        afterEach(done => s3.deleteBucket({ Bucket: bucket }, done));
+        afterEach(() => s3.send(new DeleteBucketCommand({ Bucket: bucket })));
 
-        it('should return AccessDenied if user is not bucket owner', done => {
-            otherAccountS3.deleteBucketLifecycle({ Bucket: bucket },
-            err => assertError(err, 'AccessDenied', done));
+        it('should return AccessDenied if user is not bucket owner', async () => {
+            try {
+                await otherAccountS3.send(new DeleteBucketLifecycleCommand({ Bucket: bucket }));
+                // Should not reach here
+                throw new Error('Expected AccessDenied error');
+            } catch (err) {
+                assertError(err, 'AccessDenied');
+            }
         });
 
-        it('should return no error if no lifecycle config on bucket', done => {
-            s3.deleteBucketLifecycle({ Bucket: bucket }, err =>
-                assertError(err, null, done));
-        });
+        it('should return no error if no lifecycle config on bucket', () => s3.send(new
+            DeleteBucketLifecycleCommand({ Bucket: bucket })));
 
-        it('should delete lifecycle configuration from bucket', done => {
+        it('should delete lifecycle configuration from bucket', async () => {
             const params = { Bucket: bucket,
                 LifecycleConfiguration: { Rules: [basicRule] } };
-            s3.putBucketLifecycleConfiguration(params, err => {
-                assert.equal(err, null);
-                s3.deleteBucketLifecycle({ Bucket: bucket }, err => {
-                    assert.equal(err, null);
-                    s3.getBucketLifecycleConfiguration({ Bucket: bucket },
-                    err =>
-                        assertError(err, 'NoSuchLifecycleConfiguration', done));
-                });
-            });
+            await s3.send(new PutBucketLifecycleConfigurationCommand(params));
+            await s3.send(new DeleteBucketLifecycleCommand({ Bucket: bucket }));
+            try {
+                await s3.send(new GetBucketLifecycleConfigurationCommand({ Bucket: bucket }));
+                throw new Error('Expected NoSuchLifecycleConfiguration error');
+            } catch (err) {
+                assertError(err, 'NoSuchLifecycleConfiguration');
+            }
         });
     });
 });