]> git.apps.os.sepia.ceph.com Git - ceph-ci.git/commit
projects / ceph-ci.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f7816c0) | patch
rgw: evaluate_iam_policies() handles account root user
authorCasey Bodley <cbodley@redhat.com>
Thu, 1 Feb 2024 02:51:25 +0000 (21:51 -0500)
committerCasey Bodley <cbodley@redhat.com>
Fri, 12 Apr 2024 19:34:28 +0000 (15:34 -0400)
commit268a487d35f7bf0e449ba9d997d4b5993f3d443a
treeea816dffe550b14f8c0ab5b5b2df3824bbc051f1tree | snapshot
parentf7816c0c0a159fc0028cc47b3678902a6b4a2806commit | diff
rgw: evaluate_iam_policies() handles account root user

> By default, all requests are implicitly denied with the exception of
> the AWS account root user, which has full access.

the account root user turns an implicit deny from identity policy into
an allow, though other policies can still deny explicitly

Signed-off-by: Casey Bodley <cbodley@redhat.com>
(cherry picked from commit 180f0b7b66a37e4aa5221e68882d009bed686b58)
src/rgw/rgw_common.cc diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.