RepoMirrors/ceph
1
0
Fork 0
mirror of https://github.com/ceph/ceph synced 2025-03-19 17:06:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

doc: fixup #58689 - document SSE-C iam condition key

Browse Source 
Signed-off-by: dawg <code@dawg.eu>

(cherry picked from commit 7b4ac88662)
This commit is contained in:
dawg 2025-03-05 10:12:57 +01:00 committed by Zac Dover
parent c95c527527
commit 5c7f8f28d5
1 changed files with 50 additions and 47 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

97
doc/radosgw/bucketpolicy.rst
View File

@ -179,53 +179,56 @@ Bucket Related Operations
Object Related Operations
~~~~~~~~~~~~~~~~~~~~~~~~~~
+-----------------------------+-----------------------------------------------+-------------------+
|Permission |Condition Keys | Comments |
| | | |
+-----------------------------+-----------------------------------------------+-------------------+
| |s3:x-amz-acl & s3:x-amz-grant-<perm> | |
| | | |
| +-----------------------------------------------+-------------------+
| |s3:x-amz-copy-source | |
| | | |
| +-----------------------------------------------+-------------------+
| |s3:x-amz-server-side-encryption | |
| | | |
| +-----------------------------------------------+-------------------+
|s3:PutObject |s3:x-amz-server-side-encryption-aws-kms-key-id | |
| | | |
| +-----------------------------------------------+-------------------+
| |s3:x-amz-metadata-directive |PUT & COPY to |
| | |overwrite/preserve |
| | |metadata in COPY |
| | |requests |
| +-----------------------------------------------+-------------------+
| |s3:RequestObjectTag/<tag-key> | |
| | | |
+-----------------------------+-----------------------------------------------+-------------------+
|s3:PutObjectAcl |s3:x-amz-acl & s3-amz-grant-<perm> | |
|s3:PutObjectVersionAcl | | |
| +-----------------------------------------------+-------------------+
| |s3:ExistingObjectTag/<tag-key> | |
| | | |
+-----------------------------+-----------------------------------------------+-------------------+
| |s3:RequestObjectTag/<tag-key> | |
|s3:PutObjectTagging & +-----------------------------------------------+-------------------+
|s3:PutObjectVersionTagging |s3:ExistingObjectTag/<tag-key> | |
| | | |
+-----------------------------+-----------------------------------------------+-------------------+
|s3:GetObject & |s3:ExistingObjectTag/<tag-key> | |
|s3:GetObjectVersion | | |
+-----------------------------+-----------------------------------------------+-------------------+
|s3:GetObjectAcl & |s3:ExistingObjectTag/<tag-key> | |
|s3:GetObjectVersionAcl | | |
+-----------------------------+-----------------------------------------------+-------------------+
|s3:GetObjectTagging & |s3:ExistingObjectTag/<tag-key> | |
|s3:GetObjectVersionTagging | | |
+-----------------------------+-----------------------------------------------+-------------------+
|s3:DeleteObjectTagging & |s3:ExistingObjectTag/<tag-key> | |
|s3:DeleteObjectVersionTagging| | |
+-----------------------------+-----------------------------------------------+-------------------+
+-----------------------------+---------------------------------------------------+-------------------+
|Permission |Condition Keys | Comments |
| | | |
+-----------------------------+---------------------------------------------------+-------------------+
| |s3:x-amz-acl & s3:x-amz-grant-<perm> | |
| | | |
| +---------------------------------------------------+-------------------+
| |s3:x-amz-copy-source | |
| | | |
| +---------------------------------------------------+-------------------+
| |s3:x-amz-server-side-encryption | |
| | | |
| +---------------------------------------------------+-------------------+
|s3:PutObject |s3:x-amz-server-side-encryption-aws-kms-key-id | |
| | | |
| +---------------------------------------------------+-------------------+
| |s3:x-amz-server-side-encryption-customer-algorithm | |
| | | |
| +---------------------------------------------------+-------------------+
| |s3:x-amz-metadata-directive |PUT & COPY to |
| | |overwrite/preserve |
| | |metadata in COPY |
| | |requests |
| +---------------------------------------------------+-------------------+
| |s3:RequestObjectTag/<tag-key> | |
| | | |
+-----------------------------+---------------------------------------------------+-------------------+
|s3:PutObjectAcl |s3:x-amz-acl & s3-amz-grant-<perm> | |
|s3:PutObjectVersionAcl | | |
| +---------------------------------------------------+-------------------+
| |s3:ExistingObjectTag/<tag-key> | |
| | | |
+-----------------------------+---------------------------------------------------+-------------------+
| |s3:RequestObjectTag/<tag-key> | |
|s3:PutObjectTagging & +---------------------------------------------------+-------------------+
|s3:PutObjectVersionTagging |s3:ExistingObjectTag/<tag-key> | |
| | | |
+-----------------------------+---------------------------------------------------+-------------------+
|s3:GetObject & |s3:ExistingObjectTag/<tag-key> | |
|s3:GetObjectVersion | | |
+-----------------------------+---------------------------------------------------+-------------------+
|s3:GetObjectAcl & |s3:ExistingObjectTag/<tag-key> | |
|s3:GetObjectVersionAcl | | |
+-----------------------------+---------------------------------------------------+-------------------+
|s3:GetObjectTagging & |s3:ExistingObjectTag/<tag-key> | |
|s3:GetObjectVersionTagging | | |
+-----------------------------+---------------------------------------------------+-------------------+
|s3:DeleteObjectTagging & |s3:ExistingObjectTag/<tag-key> | |
|s3:DeleteObjectVersionTagging| | |
+-----------------------------+---------------------------------------------------+-------------------+
More may be supported soon as we integrate with the recently rewritten