Updated Amazon S3 API (markdown)

Amazon-S3-API.md

@@ -33,8 +33,65 @@ Currently, the following APIs are supported.
 * CopyObjectPart
 ```
 
-Not planned:
-* ACL
+Not included:
 * Policy
 
-The major difference with Amazon S3 is that the permission and access control are not implemented yet.
+# Authentication
+By default, the access key and secret key to access `weed s3` is not authenticated. To To enable credential based access, create a config.json file similar to the example below, and specify it via `weed s3 -config=config.json`.
+
+## Configuration Example
+
+You just need to create a user with all "Admin", "Read", "Write" actions.
+You can create as many users as needed. Each user can have multiple credentials.
+
+* The "Admin" action is needed to list, create, and delete buckets.
+* The "Write" action allows uploading files within a bucket. // TODO limit Write operations to a specific bucket.
+* The "Read" action allows reading and listing files within a bucket.// TODO limit Read operations to a specific bucket.
+
+
+
+```
+{
+  "identities": [
+    {
+      "name": "some_name",
+      "credentials": [
+        {
+          "accessKey": "some_access_key1",
+          "secretKey": "some_secret_key2"
+        }
+      ],
+      "actions": [
+        "Admin",
+        "Read",
+        "Write"
+      ]
+    },
+    {
+      "name": "some_read_only_user",
+      "credentials": [
+        {
+          "accessKey": "some_access_key1",
+          "secretKey": "some_secret_key1"
+        }
+      ],
+      "actions": [
+        "Read"
+      ]
+    },
+    {
+      "name": "some_normal_user",
+      "credentials": [
+        {
+          "accessKey": "some_access_key2",
+          "secretKey": "some_secret_key2"
+        }
+      ],
+      "actions": [
+        "Read",
+        "Write"
+      ]
+    }
+  ]
+}
+```