Project

General

Profile

Actions
Copy link

Bug #53178

open

Using STS roles, I cannot move an object wtihin a bucket that I have full access to in the role

Added by Chris Durham over 2 years ago. Updated over 2 years ago.

Status:
New
Priority:
Normal
Assignee:
Pritha Srivastava
Target version:
-
% Done:

0%

Source:
Community (user)
Tags:
role
Backport:
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
Ceph - v15.2.14
ceph-qa-suite:
Pull request ID:
Crash signature (v1):
Crash signature (v2):

Description

After assuming a role, if I do:

aws s3 mv s3://bucket/obj1 s3://bucket/obj2 I get an AccessDenied. I can copy and delete objects in the bucket just fine, I have s3:* on the bucket via the role and am in the AssumeRolePolicyDocument.

If I add --debug, it appears that the error is in the CopyObject operation when I get the AccessDenied. As such, this may be the same problem as: https://tracker.ceph.com/issues/47809, but I wanted to report it in case it is not.

Using 15.2.14 on Centos8

Related issues 1 (0 open1 closed)

Related to rgw - Bug #47809: Cannot perform server-side copy using STS credentialsResolvedPritha Srivastava

Actions
Actions
Copy link
 #1

Updated by Casey Bodley over 2 years ago

  • Related to Bug #47809: Cannot perform server-side copy using STS credentials added
Actions
Copy link
 #2

Updated by Casey Bodley over 2 years ago

  • Assignee set to Pritha Srivastava
  • Tags set to role
Actions
Copy link

Also available in: Atom PDF