doc: fixup #58689 - document SSE-C iam condition key

Signed-off-by: dawg <code@dawg.eu> (cherry picked from commit 7b4ac88662)
2025-03-20 09:16:59 +00:00 · 2025-03-05 10:12:57 +01:00 · 2025-03-05 10:12:57 +01:00 · 5c7f8f28d5
commit 5c7f8f28d5
parent c95c527527
1 changed files with 50 additions and 47 deletions
--- a/doc/radosgw/bucketpolicy.rst
+++ b/doc/radosgw/bucketpolicy.rst
@ -179,53 +179,56 @@ Bucket Related Operations
 Object Related Operations
 ~~~~~~~~~~~~~~~~~~~~~~~~~~
-+-----------------------------+-----------------------------------------------+-------------------+
+-----------------------------+---------------------------------------------------+-------------------+
-|Permission                   |Condition Keys                                 | Comments          |
+|Permission                   |Condition Keys                                     | Comments          |
-|                             |                                               |                   |
+|                             |                                                   |                   |
-+-----------------------------+-----------------------------------------------+-------------------+
+-----------------------------+---------------------------------------------------+-------------------+
-|                             |s3:x-amz-acl & s3:x-amz-grant-<perm>           |                   |
+|                             |s3:x-amz-acl & s3:x-amz-grant-<perm>               |                   |
-|                             |                                               |                   |
+|                             |                                                   |                   |
-|                             +-----------------------------------------------+-------------------+
+|                             +---------------------------------------------------+-------------------+
-|                             |s3:x-amz-copy-source                           |                   |
+|                             |s3:x-amz-copy-source                               |                   |
-|                             |                                               |                   |
+|                             |                                                   |                   |
-|                             +-----------------------------------------------+-------------------+
+|                             +---------------------------------------------------+-------------------+
-|                             |s3:x-amz-server-side-encryption                |                   |
+|                             |s3:x-amz-server-side-encryption                    |                   |
-|                             |                                               |                   |
+|                             |                                                   |                   |
-|                             +-----------------------------------------------+-------------------+
+|                             +---------------------------------------------------+-------------------+
-|s3:PutObject                 |s3:x-amz-server-side-encryption-aws-kms-key-id |                   |
+|s3:PutObject                 |s3:x-amz-server-side-encryption-aws-kms-key-id     |                   |
-|                             |                                               |                   |
+|                             |                                                   |                   |
-|                             +-----------------------------------------------+-------------------+
+|                             +---------------------------------------------------+-------------------+
-|                             |s3:x-amz-metadata-directive                    |PUT & COPY to      |
+|                             |s3:x-amz-server-side-encryption-customer-algorithm |                   |
-|                             |                                               |overwrite/preserve |
+|                             |                                                   |                   |
-|                             |                                               |metadata in COPY   |
+|                             +---------------------------------------------------+-------------------+
-|                             |                                               |requests           |
+|                             |s3:x-amz-metadata-directive                        |PUT & COPY to      |
-|                             +-----------------------------------------------+-------------------+
+|                             |                                                   |overwrite/preserve |
-|                             |s3:RequestObjectTag/<tag-key>                  |                   |
+|                             |                                                   |metadata in COPY   |
-|                             |                                               |                   |
+|                             |                                                   |requests           |
-+-----------------------------+-----------------------------------------------+-------------------+
+|                             +---------------------------------------------------+-------------------+
-|s3:PutObjectAcl              |s3:x-amz-acl & s3-amz-grant-<perm>             |                   |
+|                             |s3:RequestObjectTag/<tag-key>                      |                   |
-|s3:PutObjectVersionAcl       |                                               |                   |
+|                             |                                                   |                   |
-|                             +-----------------------------------------------+-------------------+
+-----------------------------+---------------------------------------------------+-------------------+
-|                             |s3:ExistingObjectTag/<tag-key>                 |                   |
+|s3:PutObjectAcl              |s3:x-amz-acl & s3-amz-grant-<perm>                 |                   |
-|                             |                                               |                   |
+|s3:PutObjectVersionAcl       |                                                   |                   |
-+-----------------------------+-----------------------------------------------+-------------------+
+|                             +---------------------------------------------------+-------------------+
-|                             |s3:RequestObjectTag/<tag-key>                  |                   |
+|                             |s3:ExistingObjectTag/<tag-key>                     |                   |
-|s3:PutObjectTagging &        +-----------------------------------------------+-------------------+
+|                             |                                                   |                   |
-|s3:PutObjectVersionTagging   |s3:ExistingObjectTag/<tag-key>                 |                   |
+-----------------------------+---------------------------------------------------+-------------------+
-|                             |                                               |                   |
+|                             |s3:RequestObjectTag/<tag-key>                      |                   |
-+-----------------------------+-----------------------------------------------+-------------------+
+|s3:PutObjectTagging &        +---------------------------------------------------+-------------------+
-|s3:GetObject &               |s3:ExistingObjectTag/<tag-key>                 |                   |
+|s3:PutObjectVersionTagging   |s3:ExistingObjectTag/<tag-key>                     |                   |
-|s3:GetObjectVersion          |                                               |                   |
+|                             |                                                   |                   |
-+-----------------------------+-----------------------------------------------+-------------------+
+-----------------------------+---------------------------------------------------+-------------------+
-|s3:GetObjectAcl &            |s3:ExistingObjectTag/<tag-key>                 |                   |
+|s3:GetObject &               |s3:ExistingObjectTag/<tag-key>                     |                   |
-|s3:GetObjectVersionAcl       |                                               |                   |
+|s3:GetObjectVersion          |                                                   |                   |
-+-----------------------------+-----------------------------------------------+-------------------+
+-----------------------------+---------------------------------------------------+-------------------+
-|s3:GetObjectTagging &        |s3:ExistingObjectTag/<tag-key>                 |                   |
+|s3:GetObjectAcl &            |s3:ExistingObjectTag/<tag-key>                     |                   |
-|s3:GetObjectVersionTagging   |                                               |                   |
+|s3:GetObjectVersionAcl       |                                                   |                   |
-+-----------------------------+-----------------------------------------------+-------------------+
+-----------------------------+---------------------------------------------------+-------------------+
-|s3:DeleteObjectTagging &     |s3:ExistingObjectTag/<tag-key>                 |                   |
+|s3:GetObjectTagging &        |s3:ExistingObjectTag/<tag-key>                     |                   |
-|s3:DeleteObjectVersionTagging|                                               |                   |
+|s3:GetObjectVersionTagging   |                                                   |                   |
-+-----------------------------+-----------------------------------------------+-------------------+
+-----------------------------+---------------------------------------------------+-------------------+
 |s3:DeleteObjectTagging &     |s3:ExistingObjectTag/<tag-key>                     |                   |
 |s3:DeleteObjectVersionTagging|                                                   |                   |
 +-----------------------------+---------------------------------------------------+-------------------+
 More may be supported soon as we integrate with the recently rewritten