]> git.apps.os.sepia.ceph.com Git - ceph-ci.git/commit
projects / ceph-ci.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 66f2427) | patch
rgw/notifications: support bucket notification with bucket policy
authorYuval Lifshitz <ylifshit@redhat.com>
Sun, 26 Mar 2023 10:02:17 +0000 (10:02 +0000)
committerCasey Bodley <cbodley@redhat.com>
Tue, 11 Apr 2023 13:40:34 +0000 (09:40 -0400)
commit62e8b5c4bc819003d17f14977ef979a512fbcbe3
tree2e2239b4dc48838d39aa37dc3ac3914d7f1f6951tree | snapshot
parent66f2427e85b86dcf72b8c311def3b942dddbecc6commit | diff
rgw/notifications: support bucket notification with bucket policy

following policy should be used to allow any user to get, put and delete
bucket notification on a bucket called "my-bucket":
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "Statement",
      "Effect": "Allow",
      "Principal": "*",
      "Action": ["s3:GetBucketNotification", "s3:PutBucketNotification"],
      "Resource": "arn:aws:s3:::my-bucket"
    }
  ]
}

note that notification deletion uses the "PUT" permission.

Fixes: https://tracker.ceph.com/issues/59136
Signed-off-by: Yuval Lifshitz <ylifshit@redhat.com>
(cherry picked from commit e100d392a0ed4a22d8544d25299df2366e727d4c)
src/rgw/rgw_rest_pubsub.cc diff | blob | history
src/test/rgw/bucket_notification/test_bn.py diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.