forked from TrueCloudLab/frostfs-s3-gw
parent
2886ac161c
commit
3212805955
2 changed files with 18 additions and 1 deletions
|
@ -4,6 +4,9 @@ This document outlines major changes between releases.
|
|||
|
||||
## [Unreleased]
|
||||
|
||||
### Fixed
|
||||
- Empty bucket policy (#740)
|
||||
|
||||
## [0.25.0] - 2022-10-31
|
||||
|
||||
### Fixed
|
||||
|
|
|
@ -31,7 +31,21 @@ Reference:
|
|||
## ACL
|
||||
|
||||
For now there are some limitations:
|
||||
* [Bucket policy](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucket-policies.html) supports only one `Principal` (type `AWS`) per `Statement`. To refer all users use `"AWS": "*"`
|
||||
* [Bucket policy](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucket-policies.html) supports only one `Principal` per `Statement`.
|
||||
Principal must be `"AWS": "*"` (to refer all users) or `"CanonicalUser": "0313b1ac3a8076e155a7e797b24f0b650cccad5941ea59d7cfd51a024a8b2a06bf"` (hex encoded public key of desired user).
|
||||
* Resource in bucket policy is an array. Each item MUST contain bucket name, CAN contain object name (wildcards are not supported):
|
||||
```json
|
||||
{
|
||||
"Statement": [
|
||||
{
|
||||
"Resource": [
|
||||
"arn:aws:s3:::bucket",
|
||||
"arn:aws:s3:::bucket/some/object"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
```
|
||||
* AWS conditions and wildcard are not supported in [resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-arn-format.html)
|
||||
* Only `CanonicalUser` (with hex encoded public key) and `All Users Group` are supported in [ACL](https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html)
|
||||
|
||||
|
|
Loading…
Reference in a new issue