-
Notifications
You must be signed in to change notification settings - Fork 241
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Improvement/cldsrv 451 prep 7.70 #5349
base: improvement/CLDSRV-431-misc-api-impDeny
Are you sure you want to change the base?
Improvement/cldsrv 451 prep 7.70 #5349
Conversation
The API is started if IAM returns Allow or an implicit Deny. In these cases, we add a new boolean to the request that serves as a context when checking the Bucket/Object ACL or the Bucket policies. Then, we implement the same authorization logic as AWS, where an implicit deny from IAM and an Allow from the Bucket Policy should allow the request.
Hello kaztoozs,My role is to assist you with the merge of this Status report is not available. |
Branches have divergedThis pull request's source branch To avoid any integration risks, please re-synchronize them using one of the
Note: If you choose to rebase, you may have to ask me to rebuild |
Pull request template
Description
Motivation and context
Why is this change required? What problem does it solve?
Related issues
Please use the following link syntaxes #600 to reference issues in the
current repository
Checklist
Add tests to cover the changes
New tests added or existing tests modified to cover all changes
Code conforms with the style guide
Sign your work
In order to contribute to the project, you must sign your work
https://github.com/scality/Guidelines/blob/master/CONTRIBUTING.md#sign-your-work
Thank you again for contributing! We will try to test and integrate the change
as soon as we can.