You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@ozone.apache.org by "Ivan Andika (Jira)" <ji...@apache.org> on 2023/11/06 01:34:00 UTC

[jira] (HDDS-4550) [Design]Support bucket acl operation in S3 gateway

    [ https://issues.apache.org/jira/browse/HDDS-4550 ]


    Ivan Andika deleted comment on HDDS-4550:
    -----------------------------------

was (Author: JIRAUSER298977):
Hi [~Sammi] , regarding the S3 bucket ACL, when setting the S3 Bucket ACL, should we also set the ACLs to the children objects?

The current implementation seems to only set the ACLs of the bucket and the parent volume. However, in the AWS documentation, granting a permission on the bucket should also grant some native ACL to the keys.

For example, AWS S3 WRITE permissions should "Allow grantee to create, overwrite, and delete any object in the bucket". Hence, we need to also grant the objects in the bucket the DELETE and WRITE Ozone ACL.

Please let me know if I'm wrong.

> [Design]Support bucket acl operation in S3 gateway
> --------------------------------------------------
>
>                 Key: HDDS-4550
>                 URL: https://issues.apache.org/jira/browse/HDDS-4550
>             Project: Apache Ozone
>          Issue Type: Improvement
>            Reporter: Sammi Chen
>            Assignee: Sammi Chen
>            Priority: Major
>
> https://docs.google.com/document/d/18loKS6qbMKh8kKkpPvma9X-fNIcxBVAcHulAQxZpI1c/edit?usp=sharing 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For additional commands, e-mail: issues-help@ozone.apache.org