diff --git a/config/config.env b/config/config.env index 79a0ae0b9..5f65f8400 100644 --- a/config/config.env +++ b/config/config.env @@ -123,3 +123,7 @@ S3_GW_FROSTFS_SET_COPIES_NUMBER=0 # List of allowed AccessKeyID prefixes # If not set, S3 GW will accept all AccessKeyIDs S3_GW_ALLOWED_ACCESS_KEY_ID_PREFIXES=Ck9BHsgKcnwfCTUSFm6pxhoNS4cBqgN2NQ8zVgPjqZDX 3stjWenX15YwYzczMr88gy3CQr4NYFBQ8P7keGzH5QFn + +# List of container NNS zones which are allowed or restricted to resolve with HEAD request +S3_GW_RESOLVE_BUCKET_ALLOW=container +# S3_GW_RESOLVE_BUCKET_DENY= diff --git a/config/config.yaml b/config/config.yaml index 88ed20deb..1a535d43d 100644 --- a/config/config.yaml +++ b/config/config.yaml @@ -144,3 +144,8 @@ frostfs: allowed_access_key_id_prefixes: - Ck9BHsgKcnwfCTUSFm6pxhoNS4cBqgN2NQ8zVgPjqZDX - 3stjWenX15YwYzczMr88gy3CQr4NYFBQ8P7keGzH5QFn + +resolve_bucket: + allow: + - container + deny: diff --git a/docs/configuration.md b/docs/configuration.md index 5a43885f8..86f08af62 100644 --- a/docs/configuration.md +++ b/docs/configuration.md @@ -168,21 +168,22 @@ There are some custom types used for brevity: ### Structure -| Section | Description | -|--------------------|-------------------------------------------------------------| -| no section | [General parameters](#general-section) | -| `wallet` | [Wallet configuration](#wallet-section) | -| `peers` | [Nodes configuration](#peers-section) | -| `placement_policy` | [Placement policy configuration](#placement_policy-section) | -| `server` | [Server configuration](#server-section) | -| `logger` | [Logger configuration](#logger-section) | -| `tree` | [Tree configuration](#tree-section) | -| `cache` | [Cache configuration](#cache-section) | -| `nats` | [NATS configuration](#nats-section) | -| `cors` | [CORS configuration](#cors-section) | -| `pprof` | [Pprof configuration](#pprof-section) | -| `prometheus` | [Prometheus configuration](#prometheus-section) | -| `frostfs` | [Parameters of requests to FrostFS](#frostfs-section) | +| Section | Description | +|--------------------|----------------------------------------------------------------| +| no section | [General parameters](#general-section) | +| `wallet` | [Wallet configuration](#wallet-section) | +| `peers` | [Nodes configuration](#peers-section) | +| `placement_policy` | [Placement policy configuration](#placement_policy-section) | +| `server` | [Server configuration](#server-section) | +| `logger` | [Logger configuration](#logger-section) | +| `tree` | [Tree configuration](#tree-section) | +| `cache` | [Cache configuration](#cache-section) | +| `nats` | [NATS configuration](#nats-section) | +| `cors` | [CORS configuration](#cors-section) | +| `pprof` | [Pprof configuration](#pprof-section) | +| `prometheus` | [Prometheus configuration](#prometheus-section) | +| `frostfs` | [Parameters of requests to FrostFS](#frostfs-section) | +| `resolve_bucket` | [Bucket name resolving configuration](#resolve_bucket-section) | ### General section @@ -478,3 +479,19 @@ frostfs: | Parameter | Type | Default value | Description | |---------------------|----------|---------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | `set_copies_number` | `uint32` | `0` | Number of the object copies to consider PUT to FrostFS successful.
Default value `0` means that object will be processed according to the container's placement policy | + +# `resolve_bucket` section + +Bucket name resolving parameters from and to container ID with `HEAD` request. + +```yaml +resolve_bucket: +allow: + - container +deny: +``` + +| Parameter | Type | Default value | Description | +|-----------|------------|---------------|--------------------------------------------------------------------------------------------------------------------------| +| `allow` | `[]string` | | List of container zones which are available to resolve. Mutual exclusive with `deny` list. Prioritized over `deny` list. | +| `deny` | `[]string` | | List of container zones which are restricted to resolve. Mutual exclusive with `allow` list. |