A developer should be able to optionally configure a bucket to allow or deny requests based on the REMOTE_ADDR HTTP header. Bucket configuration is detailed on this page: https://docs.aws.amazon.com/AmazonS3/latest/dev/example-bucket-policies.html#example-bucket-policies-use-case-3 A ceph.conf boolean should allow inspection of HTTP_X_FORWARDED_FOR in place of REMOTE_ADDR for sites that place their RGW nodes behind a proxy.
Updating the QA Contact to a Hemant. Hemant will be rerouting them to the appropriate QE Associate. Regards, Giri