From c7b2cb630fa50898d3a379681e7669d2b148811d Mon Sep 17 00:00:00 2001 From: Chris Lu Date: Mon, 17 Feb 2020 12:53:18 -0800 Subject: [PATCH] Updated Amazon S3 API (markdown) --- Amazon-S3-API.md | 63 +++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 60 insertions(+), 3 deletions(-) diff --git a/Amazon-S3-API.md b/Amazon-S3-API.md index c7b28a2..bcb5a12 100644 --- a/Amazon-S3-API.md +++ b/Amazon-S3-API.md @@ -33,8 +33,65 @@ Currently, the following APIs are supported. * CopyObjectPart ``` -Not planned: -* ACL +Not included: * Policy -The major difference with Amazon S3 is that the permission and access control are not implemented yet. +# Authentication +By default, the access key and secret key to access `weed s3` is not authenticated. To To enable credential based access, create a config.json file similar to the example below, and specify it via `weed s3 -config=config.json`. + +## Configuration Example + +You just need to create a user with all "Admin", "Read", "Write" actions. +You can create as many users as needed. Each user can have multiple credentials. + +* The "Admin" action is needed to list, create, and delete buckets. +* The "Write" action allows uploading files within a bucket. // TODO limit Write operations to a specific bucket. +* The "Read" action allows reading and listing files within a bucket.// TODO limit Read operations to a specific bucket. + + + +``` +{ + "identities": [ + { + "name": "some_name", + "credentials": [ + { + "accessKey": "some_access_key1", + "secretKey": "some_secret_key2" + } + ], + "actions": [ + "Admin", + "Read", + "Write" + ] + }, + { + "name": "some_read_only_user", + "credentials": [ + { + "accessKey": "some_access_key1", + "secretKey": "some_secret_key1" + } + ], + "actions": [ + "Read" + ] + }, + { + "name": "some_normal_user", + "credentials": [ + { + "accessKey": "some_access_key2", + "secretKey": "some_secret_key2" + } + ], + "actions": [ + "Read", + "Write" + ] + } + ] +} +``` \ No newline at end of file