]> git-server-git.apps.pok.os.sepia.ceph.com Git - ceph.git/commit
projects / ceph.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 9478c06) | patch
rgw: add s3 conditions for PutObject IAM policies
authorAbhishek Lekshmanan <abhishek@suse.com>
Mon, 31 Jul 2017 13:00:51 +0000 (15:00 +0200)
committerAbhishek Lekshmanan <abhishek@suse.com>
Wed, 17 Jan 2018 10:28:56 +0000 (11:28 +0100)
commit6cb1cc8a8679a6961cf231be2ed355abeb7c7c48
tree19c1ed6aad2995d33057a6a18e3855f2bf0751b0tree | snapshot
parent9478c064d7e3752db98efe86f5a40f4a152281abcommit | diff
rgw: add s3 conditions for PutObject IAM policies

Adding the following s3 conditions for PutObject operation

s3:x-amz-canned-acl (caveat: only strings are supported, we don't
support a list of canned acls yet)
s3:x-amz-copy-source
s3:x-amz-server-side-encryption
s3:x-amz-server-side-encryption-aws-kms-key-id
s3:RequestObjectTag/<key>

A still TODO is to tackle is s3:RequestObjectTagKeys
which supports a list as an argument and
s3:x-amz-grant-<permission> (which should be easier to support)

Signed-off-by: Abhishek Lekshmanan <abhishek@suse.com>
src/rgw/rgw_iam_policy_keywords.gperf diff | blob | history
src/rgw/rgw_iam_policy_keywords.h diff | blob | history
src/rgw/rgw_op.cc diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.