search

scality / cloudserver

Zenko CloudServer, an open-source Node.js implementation of the Amazon S3 protocol on the front-end and backend storage capabilities to multiple clouds, including Azure and Google.
https://www.zenko.io/cloudserver
Apache License 2.0
1.71k stars 241 forks source link

Support for S3 Bucket Policies #1156

Closed fordodone closed 6 years ago

fordodone commented 6 years ago

Support for S3 Bucket Policies

Please consider implementing S3 Bucket Policies.

Feature Request

S3 ACLs are a legacy feature. Bucket Policies are preferred. Please consider adding support for Bucket Policies.

Use case

Several applications write end-user assets to S3 for storage, but rely on a browser fetching them when a page loads. Using a bucket policy that allows for public GETs is ideal. Setting ACLs on every object at write time is inconvenient, and should not be an application concern.

Steps to reproduce the issue

Attempt to set bucket policy with awscli:

aws --endpoint-url http://localhost:9000 s3api put-bucket-policy --bucket foobucket --policy '{"Statement": ["Effect": "Allow","Principal": "*","Action": "s3:GetObject","Resource": "*"]}'

An error occurred (NotImplemented) when calling the PutBucketPolicy operation: A header you provided implies functionality that is not implemented.

scality/s3server logs:

s3server      | {"name":"S3","clientIP":"::ffff:172.22.0.5","clientPort":47382,"httpMethod":"PUT","httpURL":"/foobucket?policy","time":1520956186258,"req_id":"e9cd6762504a85ae308f","level":"info","message":"received request","hostname":"145b394d7e88","pid":105}
s3server      | {"name":"S3","bucketName":"foobucket","bytesReceived":92,"bodyLength":92,"bytesSent":231,"clientIP":"::ffff:172.22.0.5","clientPort":47382,"httpMethod":"PUT","httpURL":"/foobucket?policy","httpCode":501,"time":1520956186260,"req_id":"e9cd6762504a85ae308f","elapsed_ms":1.895778,"level":"info","message":"responded with error XML","hostname":"145b394d7e88","pid":105}
LaureVergeron commented 6 years ago

Hello @fordodone ,

Thanks for reaching out to us. We do support Bucket Policies, but, for now, only in our enterprise edition. If you manage a lot of data with CloudServer (over 1TB), you may be interested in getting Zenko (the stack that includes CloudServer) enterprise edition, as a pay-as-you-go service.

If you prefer staying with the open source edition, ask away anything that could help you with ACLs.

For either configuration/operational questions or enterprise solution quotes, reach out on our forum .

Cheers!

Upanshu11 commented 2 years ago

Hello @fordodone ,

Thanks for reaching out to us. We do support Bucket Policies, but, for now, only in our enterprise edition. If you manage a lot of data with CloudServer (over 1TB), you may be interested in getting Zenko (the stack that includes CloudServer) enterprise edition, as a pay-as-you-go service.

If you prefer staying with the open source edition, ask away anything that could help you with ACLs.

For either configuration/operational questions or enterprise solution quotes, reach out on our forum .

Cheers!

@LaureVergeron is it still not available in the free version of CloudServer?