]> git-server-git.apps.pok.os.sepia.ceph.com Git - ceph.git/commit
projects / ceph.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1e6e393) | patch
rgw: Inject keystone userid into IAM policy 67752/head
authorSupriti Singh <supriti.singh@clyso.com>
Thu, 19 Mar 2026 09:26:32 +0000 (10:26 +0100)
committerSupriti Singh <supriti.singh@clyso.com>
Tue, 21 Apr 2026 11:40:32 +0000 (13:40 +0200)
commitb06b7a82ed1a5c57dce8b9ce2fa0931fe0f55ff7
treea0f5be13ceaef0c6ef6f9cee4ea83cc14ad23cddtree | snapshot
parent1e6e39346667f82591644760311093729db8a915commit | diff
rgw: Inject keystone userid into IAM policy

Expose the Keystone token user UUID as condition key "keystone:userid"
so IAM and bucket policies can restrict access by user (e.g. per-user
buckets or user-specific allow/deny).

On-behalf-of: SAP <supriti.singh@clyso.com>
Signed-off-by: Supriti Singh <supriti.singh@clyso.com>
doc/radosgw/bucketpolicy.rst diff | blob | history
doc/radosgw/keystone.rst diff | blob | history
src/rgw/rgw_auth.cc diff | blob | history
src/rgw/rgw_auth.h diff | blob | history
src/rgw/rgw_auth_keystone.cc diff | blob | history
src/test/rgw/test_rgw_iam_policy.cc diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.