Actions
Bug #48926
openrgw: apparent failure to honor glob actions in bucket policy
% Done:
0%
Source:
Tags:
Backport:
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Pull request ID:
Crash signature (v1):
Crash signature (v2):
Description
Policy with Action of 's3:*' parse, but Kyle Bader found he had to expand the full list to get correct behavior:
'Principal': '*',
'Action': ['s3:*'],
#'Action': ['s3:*', 's3:GetObject', 's3:PutObject', 's3:PutObjectAcl', 's3:ListBucket', 's3:DeleteObject'],
'Resource': f'arn:aws:s3:::{bucket_name}/*'
Updated by Kyle Bader over 3 years ago
Upon further investigation, this policy seems to be the ticket for me:
bucket_policy = { 'Version': '2012-10-17', 'Statement': [{ 'Sid': 'AllAccess', 'Effect': 'Allow', 'Principal': '*', 'Action': ['s3:*'], #'Action': ['s3:*', 's3:GetObject', 's3:PutObject', 's3:PutObjectAcl', 's3:ListBucket', 's3:DeleteObject'], #'Resource': f'arn:aws:s3:::{bucket_name}/*' 'Resource': '*' }] }
Updated by Adam Emerson over 2 years ago
- Assignee changed from Adam Emerson to Pritha Srivastava
Actions