From 6f11632ab191d421a0fe201cdeb5d41e580bca2b Mon Sep 17 00:00:00 2001
From: Seena Fallah <seenafallah@gmail.com>
Date: Mon, 24 Feb 2025 16:47:50 +0100
Subject: [PATCH] doc: add release note for new policy actions on replication

Fixes: https://tracker.ceph.com/issues/70093
Signed-off-by: Seena Fallah <seenafallah@gmail.com>
(cherry picked from commit 8c15d4674f567c7b35d5aac0a9ac4e62306f7b13)
---
 PendingReleaseNotes | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/PendingReleaseNotes b/PendingReleaseNotes
index 404d2d7f8cd..6b18efc70f1 100644
--- a/PendingReleaseNotes
+++ b/PendingReleaseNotes
@@ -138,6 +138,13 @@
   allowed.  `rbd trash mv` command now behaves the same way as `rbd rm` in this
   scenario.
 
+* RGW: Replication policies now validate permissions using `s3:ReplicateObject`,
+  `s3:ReplicateDelete`, and `s3:ReplicateTags` for destination buckets. For source
+  buckets, both `s3:GetObjectVersionForReplication` and `s3:GetObject(Version)`
+  are supported. Actions like `s3:GetObjectAcl`, `s3:GetObjectLegalHold`, and
+  `s3:GetObjectRetention` are also considered when fetching the source object.
+  Replication of tags is controlled by the `s3:GetObject(Version)Tagging` permission.
+
 >=19.2.1
 
 * CephFS: Command `fs subvolume create` now allows tagging subvolumes through option
-- 
2.39.5