Hi, I'm new to Ceph and trying to understand how things work.

Hypothetical situation: An organisation would like to provide a storage solution (S3 API) to its members. The members need to access the S3 API from the public internet. (There is no VPN.)

Are there any recommendations regarding having RGW facing the public internet? I'm thinking about the risk of DoS attacks (see https://en.wikipedia.org/wiki/Denial-of-service_attack).

I would assume that anonymous access to the RGW API needs to be disallowed. All access should be either authenticated or in the form of a pre-signed URL. I guess that object ACLs that give anonymous read access could be allowed, but to be able to actually access such an object, a time-limited presigned URL needs to be used (one that was created by an authenticated user). A download could therefore happen only after an active decision was made.

The members of the organisation want to set up their own websites. Such a website could generate time-limited presigned URLs that are sent to the web browser. The visitors of the website could therefore download/upload directly from/to the RGW.

My main point with the discussion above is that allowing direct anonymous read access to objects (without presigned URLs) will make it difficult to dynamically adjust the amount of legitimate read requests. When using presigned URLs there will be an authenticated user who signed it. The downloads originating from that presigned URL could therefore consume the quota of that authenticated user. If an authenticated user ran out of their download quota, no more read traffic would originate from that user.

I'm doing a lot of guessing here. If you know more about this, I would be glad if you could share some advice. Do you know of any reading material about it (such as blog posts)?

Thank you,
Erik Sjölund

_______________________________________________
ceph-users mailing list -- ceph-users@xxxxxxx
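As an added example (not from the original message or from the Ceph project), here is a minimal SigV4 query-string presigner together with the matching gateway-side check, in plain Python with only the standard library; the host, access key, secret key, region string and fixed clock are constructed placeholders. It illustrates why the quota idea above holds together: every presigned URL names the access key that signed it and carries its own expiry, so the gateway can attribute each download to that user and refuse the URL once the window has closed or the path has been altered.

```python
import hmac, hashlib
from datetime import datetime, timedelta, timezone
from urllib.parse import quote, unquote, urlsplit, parse_qs

# Constructed sample credentials, endpoint and clock for this example; not real values.
ACCESS_KEY, SECRET_KEY = "AKIAEXAMPLEKEY", "exampleSecretKeyDoNotUse"
HOST, REGION = "rgw.example.org", "us-east-1"  # region string assumed for the SigV4 scope
NOW = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)

def _canon_query(params):  # sorted, percent-encoded, "/" encoded as %2F
    return "&".join(f"{quote(k, safe='-_.~')}={quote(v, safe='-_.~')}" for k, v in sorted(params.items()))

def _signing_key(secret, date_stamp, region):
    k = hmac.new(("AWS4" + secret).encode(), date_stamp.encode(), hashlib.sha256).digest()
    for part in (region, "s3", "aws4_request"):  # SigV4 HMAC chain down to the signing key
        k = hmac.new(k, part.encode(), hashlib.sha256).digest()
    return k

def _signature(method, path, params, secret, amz_date, region):
    # Query-string presigning: only Host is signed and the payload is UNSIGNED-PAYLOAD,
    # so whoever holds the URL can use it until X-Amz-Expires runs out.
    canonical = "\n".join([method, quote(path, safe="/-_.~"), _canon_query(params),
                           f"host:{HOST}\n", "host", "UNSIGNED-PAYLOAD"])
    scope = f"{amz_date[:8]}/{region}/s3/aws4_request"
    to_sign = "\n".join(["AWS4-HMAC-SHA256", amz_date, scope, hashlib.sha256(canonical.encode()).hexdigest()])
    return hmac.new(_signing_key(secret, amz_date[:8], region), to_sign.encode(), hashlib.sha256).hexdigest()

def presign(bucket, key, expires_seconds, now=NOW, method="GET"):
    """Website side: mint a time-limited URL bound to the signing user's access key."""
    amz_date, path = now.strftime("%Y%m%dT%H%M%SZ"), f"/{bucket}/{key}"
    params = {"X-Amz-Algorithm": "AWS4-HMAC-SHA256", "X-Amz-Date": amz_date,
              "X-Amz-Credential": f"{ACCESS_KEY}/{amz_date[:8]}/{REGION}/s3/aws4_request",
              "X-Amz-Expires": str(expires_seconds), "X-Amz-SignedHeaders": "host"}
    params["X-Amz-Signature"] = _signature(method, path, params, SECRET_KEY, amz_date, REGION)
    return f"https://{HOST}{quote(path, safe='/-_.~')}?{_canon_query(params)}"

def verify(url, now, secrets, method="GET"):
    """Gateway side: unexpired and signed by a known user? Returns (ok, access_key)."""
    parts = urlsplit(url)
    q = {k: v[0] for k, v in parse_qs(parts.query).items()}
    access_key, _date, region = q["X-Amz-Credential"].split("/")[:3]
    signed_at = datetime.strptime(q["X-Amz-Date"], "%Y%m%dT%H%M%SZ").replace(tzinfo=timezone.utc)
    if now > signed_at + timedelta(seconds=int(q["X-Amz-Expires"])):
        return False, access_key  # the signer's time-limited decision has lapsed
    given = q.pop("X-Amz-Signature")
    expected = _signature(method, unquote(parts.path), q, secrets.get(access_key, ""), q["X-Amz-Date"], region)
    return hmac.compare_digest(given, expected), access_key  # a hit is attributable to access_key

def demo():
    """Valid, expired and tampered lookups against the fixed clock; each is (ok, access_key)."""
    url, secrets = presign("site-assets", "index.html", 300), {ACCESS_KEY: SECRET_KEY}
    return (verify(url, NOW + timedelta(seconds=60), secrets),
            verify(url, NOW + timedelta(seconds=301), secrets),
            verify(url.replace("index.html", "private.html"), NOW + timedelta(seconds=60), secrets))
```

Because the access key is recoverable from the URL before the signature is even checked, a gateway or a reverse proxy in front of it can count and rate-limit requests per signing user, which is exactly the lever the message is looking for.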