Bug 1416227

Summary: RFE: Add support for bucket policies to restrict access to specific ip addresses
Product: [Red Hat Storage] Red Hat Ceph Storage Reporter: Kyle Bader <kbader>
Component: RGWAssignee: Girjesh Rajoria <grajoria>
Status: CLOSED CURRENTRELEASE QA Contact: Tejas <tchandra>
Severity: high Docs Contact:
Priority: high    
Version: 2.2CC: anharris, cbodley, ceph-eng-bugs, kbader, mbenjamin, sweil, uboppana
Target Milestone: rcKeywords: FutureFeature
Target Release: 5.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-07-01 09:35:06 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Kyle Bader 2017-01-24 23:49:53 UTC 
A developer should be able to optionally configure a bucket to allow or deny requests based on the REMOTE_ADDR HTTP header. Bucket configuration is detailed on this page:

https://docs.aws.amazon.com/AmazonS3/latest/dev/example-bucket-policies.html#example-bucket-policies-use-case-3

A ceph.conf boolean should allow inspection of HTTP_X_FORWARDED_FOR in place of REMOTE_ADDR for sites that place their RGW nodes behind a proxy.
Comment 4 Giridhar Ramaraju 2019-08-05 13:06:06 UTC 
Updating the QA Contact to a Hemant. Hemant will be rerouting them to the appropriate QE Associate. 

Regards,
Giri
Comment 5 Giridhar Ramaraju 2019-08-05 13:08:49 UTC 
Updating the QA Contact to a Hemant. Hemant will be rerouting them to the appropriate QE Associate. 

Regards,
Giri