Hi Community, I recently proposed a new authorization mechanism for RGW that can let the RGW daemon ask an external service to authorize a request based on AWS S3 IAM tags (that means the external service would receive the same env as an IAM policy doc would have to evaluate the policy). You can find the documentation of the implementation here: https://github.com/clwluvw/ceph/blob/rgw-external-iam/doc/radosgw/external-iam.rst And the PR here: https://github.com/ceph/ceph/pull/53345 We would love to hear feedback if anyone else feels this would be a need for them and what you would think about the APIs. Best, _______________________________________________ ceph-users mailing list -- ceph-users@xxxxxxx To unsubscribe send an email to ceph-users-leave@xxxxxxx
 |