Hello Cephers!

We know there is ongoing work that implements a certain subset of AWS Security Token Service for RGW endpoints and were curious to know if it'd include the ability to apply bucket-wide constraints as follows:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AddCannedAcl",
      "Effect": "Allow",
      "Principal": {"AWS": ["arn:aws:iam::111122223333:root", "arn:aws:iam::444455556666:root"]},
      "Action": ["s3:PutObject", "s3:PutObjectAcl"],
      "Resource": ["arn:aws:s3:::examplebucket/*"]
    }
  ]
}

In lieu of such a facility, presently the only way to update permissions of all objects within a bucket is to apply those permissions on each object individually, which isn't always practical.

It'd be quite helpful to have this feature in Luminous, if possible!

Thanks!

Regards,
Vaibhav