ac965e8d17
[ #80 ] iam: Move resource tag to resource property
...
DCO action / DCO (pull_request) Successful in 1m8s
Tests and linters / Tests (1.21) (pull_request) Successful in 1m3s
Tests and linters / Tests (1.20) (pull_request) Successful in 1m19s
Tests and linters / Staticcheck (pull_request) Successful in 1m27s
Tests and linters / Tests with -race (pull_request) Successful in 1m45s
Tests and linters / Lint (pull_request) Successful in 2m15s
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-06-11 13:29:30 +03:00
64e06f5b7c
[ #80 ] iam: Skip unsupported conditions in native chains
...
DCO action / DCO (pull_request) Successful in 1m16s
Tests and linters / Tests (1.21) (pull_request) Successful in 1m30s
Tests and linters / Tests (1.20) (pull_request) Successful in 1m43s
Tests and linters / Tests with -race (pull_request) Successful in 1m51s
Tests and linters / Staticcheck (pull_request) Successful in 1m57s
Tests and linters / Lint (pull_request) Successful in 2m42s
Skip conditions with
* aws:RequestTag
* aws:ResourceTag
keys
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-06-11 11:15:22 +03:00
303a81cdc6
[ #78 ] iam: Don't check IP for private
...
DCO action / DCO (pull_request) Successful in 1m15s
Tests and linters / Tests (1.21) (pull_request) Successful in 1m19s
Tests and linters / Tests (1.20) (pull_request) Successful in 1m26s
Tests and linters / Staticcheck (pull_request) Successful in 1m29s
Tests and linters / Tests with -race (pull_request) Successful in 1m45s
Tests and linters / Lint (pull_request) Successful in 2m35s
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-05-27 09:54:02 +03:00
Airat Arifullin
84c4872b20
[ #75 ] chain: Refactor ObjectType type
...
DCO action / DCO (pull_request) Successful in 1m11s
Tests and linters / Tests (1.20) (pull_request) Successful in 1m22s
Tests and linters / Tests (1.21) (pull_request) Successful in 1m29s
Tests and linters / Tests with -race (pull_request) Successful in 1m39s
Tests and linters / Staticcheck (pull_request) Successful in 1m40s
Tests and linters / Lint (pull_request) Successful in 2m29s
* Rename `ObjectType` to `Kind`;
* Rename `Object` field in `Condition` to `ConditionKind`;
* Regenerate easy-json marshalers/unmarshalers;
* Fix unit-tests
Signed-off-by: Airat Arifullin <aarifullin@yadro.com>
2024-05-13 17:36:17 +03:00
04a79f57ef
[ #70 ] iam: Support aws:MultiFactorAuthPresent key
...
Tests and linters / Tests (1.20) (pull_request) Successful in 1m35s
DCO action / DCO (pull_request) Successful in 1m16s
Tests and linters / Tests (1.21) (pull_request) Successful in 1m32s
Tests and linters / Tests with -race (pull_request) Successful in 1m39s
Tests and linters / Staticcheck (pull_request) Successful in 1m51s
Tests and linters / Lint (pull_request) Successful in 2m32s
Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>
2024-04-16 10:17:28 +03:00
ff5d05ac92
[ #67 ] chain: Support IPAddress conditions
...
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-04-15 12:52:41 +00:00
530248de75
[ #69 ] iam: Extend native actions with tree service methods
...
DCO action / DCO (pull_request) Successful in 1m19s
Tests and linters / Tests (1.20) (pull_request) Successful in 1m47s
Tests and linters / Tests (1.21) (pull_request) Successful in 1m54s
Tests and linters / Staticcheck (pull_request) Successful in 2m3s
Tests and linters / Tests with -race (pull_request) Successful in 2m13s
Tests and linters / Lint (pull_request) Successful in 3m24s
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-04-12 13:22:12 +03:00
b6a6816800
[ #68 ] iam: Allow read object on delete operation
...
DCO action / DCO (pull_request) Successful in 1m4s
Tests and linters / Tests (1.20) (pull_request) Successful in 1m19s
Tests and linters / Tests (1.21) (pull_request) Successful in 1m24s
Tests and linters / Tests with -race (pull_request) Successful in 1m40s
Tests and linters / Staticcheck (pull_request) Successful in 1m39s
Tests and linters / Lint (pull_request) Successful in 2m29s
We must be able to read s3 multipart object from storage
(to find out the parts it consists of)
to fully delete such multipart object
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-04-12 09:57:53 +03:00
1f190e1668
[ #58 ] iam: Fix native actions mapping
...
DCO action / DCO (pull_request) Successful in 44s
Tests and linters / Tests (1.20) (pull_request) Successful in 59s
Tests and linters / Tests (1.21) (pull_request) Successful in 1m19s
Tests and linters / Staticcheck (pull_request) Successful in 1m26s
Tests and linters / Tests with -race (pull_request) Successful in 1m36s
Tests and linters / Lint (pull_request) Successful in 2m11s
We have to add native:PutObject when want to delete object
because of tombstone must be created (it's a put operation)
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-04-10 14:48:23 +03:00
67cf09f51d
[ #63 ] iam: Add formatters for resource/request tags
...
Tests and linters / Tests (1.21) (pull_request) Successful in 1m21s
DCO action / DCO (pull_request) Successful in 1m13s
Tests and linters / Tests (1.20) (pull_request) Successful in 1m34s
Tests and linters / Tests with -race (pull_request) Successful in 1m44s
Tests and linters / Staticcheck (pull_request) Successful in 1m46s
Tests and linters / Lint (pull_request) Successful in 2m34s
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-04-10 11:14:57 +03:00
84c6be01de
[ #60 ] chain: Support numeric conditions
...
DCO action / DCO (pull_request) Successful in 1m1s
Tests and linters / Tests (1.20) (pull_request) Successful in 1m17s
Tests and linters / Tests (1.21) (pull_request) Successful in 1m23s
Tests and linters / Tests with -race (pull_request) Successful in 1m42s
Tests and linters / Staticcheck (pull_request) Successful in 1m40s
Tests and linters / Lint (pull_request) Successful in 2m24s
Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>
2024-04-08 14:30:43 +03:00
67e4595a91
[ #63 ] iam: Support tag keys
...
Tests and linters / Tests (1.20) (pull_request) Successful in 1m20s
DCO action / DCO (pull_request) Successful in 1m10s
Tests and linters / Tests (1.21) (pull_request) Successful in 1m31s
Tests and linters / Tests with -race (pull_request) Successful in 1m52s
Tests and linters / Staticcheck (pull_request) Successful in 1m54s
Tests and linters / Lint (pull_request) Successful in 2m44s
Support:
* aws:PrincipalTag
* aws:ResourceTag
* aws:Request
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-04-05 09:36:01 +03:00
1d51f2121d
[ #58 ] iam: Support more s3 actions
...
DCO action / DCO (pull_request) Successful in 2m57s
Tests and linters / Tests (1.21) (pull_request) Successful in 2m43s
Tests and linters / Tests (1.20) (pull_request) Successful in 2m48s
Tests and linters / Staticcheck (pull_request) Successful in 2m58s
Tests and linters / Tests with -race (pull_request) Successful in 3m16s
Tests and linters / Lint (pull_request) Successful in 4m16s
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-04-01 17:18:20 +03:00
9040e48504
[ #57 ] iam: Add policy validation checks
...
Tests and linters / Tests (1.20) (pull_request) Successful in 2m56s
DCO action / DCO (pull_request) Successful in 3m34s
Tests and linters / Tests (1.21) (pull_request) Successful in 3m18s
Tests and linters / Tests with -race (pull_request) Successful in 3m20s
Tests and linters / Staticcheck (pull_request) Successful in 3m21s
Tests and linters / Lint (pull_request) Successful in 4m37s
Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>
2024-03-11 16:12:47 +03:00
c960b1b088
[ #53 ] iam: Extend support s3 to native actions
...
DCO action / DCO (pull_request) Successful in 49s
Tests and linters / Tests (1.20) (pull_request) Successful in 1m18s
Tests and linters / Tests (1.21) (pull_request) Successful in 1m13s
Tests and linters / Staticcheck (pull_request) Successful in 1m11s
Tests and linters / Tests with -race (pull_request) Successful in 1m43s
Tests and linters / Lint (pull_request) Successful in 2m4s
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-02-26 12:42:15 +03:00
0edc002441
[ #46 ] iam: Handle s3 complex actions
...
DCO action / DCO (pull_request) Successful in 59s
Tests and linters / Tests (1.21) (pull_request) Successful in 1m11s
Tests and linters / Tests (1.20) (pull_request) Successful in 1m17s
Tests and linters / Staticcheck (pull_request) Successful in 1m24s
Tests and linters / Tests with -race (pull_request) Successful in 1m33s
Tests and linters / Lint (pull_request) Successful in 2m17s
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-02-01 17:19:00 +03:00
1cdb3e5a4a
[ #46 ] iam: Support more s3 to native actions mapping
...
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-02-01 17:18:55 +03:00
af388779a3
[ #46 ] iam: Shrink rules for wildcard cases
...
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-01-29 11:50:24 +03:00
8cc5173d73
[ #46 ] iam: Support namespaces when forming native rules
...
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-01-29 11:50:24 +03:00
2af381ae81
[ #46 ] iam: Error if policy doesn't have actions
...
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-01-29 11:50:24 +03:00
3128352693
[ #36 ] iam: Keep s3/iam prefixes in resources
...
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2023-12-20 07:08:31 +00:00
ec39d8371a
[ #36 ] iam: Support iam actions
...
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2023-12-20 07:08:31 +00:00
1d07331f5d
[ #28 ] iam: Fix converters
...
Handle resource without object as bucket name instead of bucket with any object
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2023-12-13 13:20:38 +00:00
aarifullin
df15b38c63
[ #3 ] engine: Refactor MorphRuleChainStorage
...
* Make changing state methods like AddMorphRuleChain,
RemoveMorphRuleChain return transaction hash and VUB.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
2023-12-06 12:25:55 +03:00
aarifullin
2d4a9fc6dc
[ #25 ] engine: Refactor ChainRouter interface
...
* Pass RequestTarget instead only namespace
* Refactor unit-tests and dependencies
Signed-off-by: Airat Arifullin <aarifullin@yadro.com>
2023-12-05 09:20:54 +00:00
a0a35bf4bf
[ #22 ] iam: Fix converters
...
DCO action / DCO (pull_request) Successful in 1m9s
Tests and linters / Tests (1.21) (pull_request) Successful in 1m8s
Tests and linters / Tests (1.20) (pull_request) Successful in 1m25s
Tests and linters / Tests with -race (pull_request) Successful in 1m21s
Tests and linters / Staticcheck (pull_request) Successful in 1m22s
Tests and linters / Lint (pull_request) Successful in 2m18s
Validate that actions and resources contain wildcard only at the end
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2023-11-28 17:56:36 +03:00
5fa9d91903
[ #17 ] iam: Add converter to native/s3 policy
...
DCO action / DCO (pull_request) Successful in 3m18s
Tests and linters / Tests (1.21) (pull_request) Successful in 3m35s
Tests and linters / Tests (1.20) (pull_request) Successful in 3m46s
Tests and linters / Tests with -race (pull_request) Successful in 3m45s
Tests and linters / Staticcheck (pull_request) Successful in 3m49s
Tests and linters / Lint (pull_request) Successful in 5m15s
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2023-11-21 11:45:41 +03:00
aarifullin
a08f600d97
[ #7 ] engine: Set project structure pattern for files
...
* Create pkg package
* Move chain-relates structures to pkg/chain package
* Move inmemory and interface files to pkg/engine package
* Move resource structures to pkg/resource package
* Move GlobMatch to util package
Signed-off-by: Airat Arifullin <aarifullin@yadro.com>
2023-11-15 09:22:42 +00:00
63ecf63a08
[ #11 ] iam: Support 'NotPrincipal', 'NotAction', 'NotResource'
...
Tests and linters / Tests (1.21) (pull_request) Successful in 1m39s
Tests and linters / Tests (1.20) (pull_request) Successful in 2m11s
DCO action / DCO (pull_request) Successful in 2m31s
Tests and linters / Staticcheck (pull_request) Successful in 2m27s
Tests and linters / Tests with -race (pull_request) Successful in 2m35s
Tests and linters / Lint (pull_request) Successful in 3m55s
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2023-11-02 14:55:48 +03:00
88cf807951
[ #4 ] Add IAM policy unmarshaler
2023-10-23 15:44:34 +03:00
