Automated compliance testing for S3-compatible storage providers.
When you generate a presigned URL with a signed Content-Length, does your provider actually enforce it? This tool finds out.
| Test | Expected | Purpose |
|---|---|---|
| Upload matches signed size | Accept | Baseline: valid uploads work |
| Body larger than signed | Reject | Prevents quota bypass |
| Body smaller than signed | Reject | Prevents truncation attacks |
| Header/body mismatch | Reject | Prevents header spoofing |
Tests run against both multipart uploads (UploadPart) and single-part uploads (PutObject).
| Provider | Status |
|---|---|
| AWS S3 |  |
| Cloudflare R2 |  |
| Backblaze B2 |  |
| Google Cloud Storage |  |
# Install
pip install -e .
# Configure (copy and edit)
cp config.example.json config.json
# Run tests
python run.pyResults are available as JSON for integration into your own monitoring:
GET /data/latest.json # Current test results
GET /data/history.json # Historical data + changelog
GET /data/badges/*.svg # Status badges per provider
src/
├── runner.py # Test orchestration
├── test_cases.py # Test definitions
├── s3_client.py # Provider interactions
└── site_generator/ # Dashboard data generation
site/ # Static dashboard (GitHub Pages)
This project validates the Manifested Multipart Upload pattern for enforcing upload quotas at the storage edge without proxying data through your servers.
MIT