alexvanin/distribution
1
0
Fork 0
forked from TrueCloudLab/distribution
Code Pull requests Activity

Improve section about AWS policy

Browse source
This commit is contained in:
Pavel Antonov 2016-12-07 01:46:12 +03:00
parent c7dab7f374
commit ea84d17ea6
1 changed files with 27 additions and 23 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
docs/storage-drivers/s3.md
View file

@ -185,9 +185,11 @@ Amazon S3 or S3 compatible services for object storage.
## S3 permission scopes ## S3 permission scopes
The following IAM permissions are required by the registry for push and pull. See [the S3 policy documentation](http://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html) for more details. The following AWS policy is required by the registry for push and pull. Make sure to replace `S3_BUCKET_NAME` with the name of your bucket.
``` ```
{
"Version": "2012-10-17",
"Statement": [ "Statement": [
{ {
"Effect": "Allow", "Effect": "Allow",
@ -196,7 +198,7 @@ The following IAM permissions are required by the registry for push and pull. S
"s3:GetBucketLocation", "s3:GetBucketLocation",
"s3:ListBucketMultipartUploads" "s3:ListBucketMultipartUploads"
], ],
"Resource": "arn:aws:s3:::mybucket" "Resource": "arn:aws:s3:::S3_BUCKET_NAME"
}, },
{ {
"Effect": "Allow", "Effect": "Allow",
@ -207,10 +209,12 @@ The following IAM permissions are required by the registry for push and pull. S
"s3:ListMultipartUploadParts", "s3:ListMultipartUploadParts",
"s3:AbortMultipartUpload" "s3:AbortMultipartUpload"
], ],
"Resource": "arn:aws:s3:::mybucket/*" "Resource": "arn:aws:s3:::S3_BUCKET_NAME/*"
} }
] ]
}
``` ```
See [the S3 policy documentation](http://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html) for more details.
# CloudFront as Middleware with S3 backend # CloudFront as Middleware with S3 backend