diff options
author | Alex Auvolat <alex@adnab.me> | 2022-05-12 11:19:41 +0200 |
---|---|---|
committer | Alex Auvolat <alex@adnab.me> | 2022-05-12 11:19:41 +0200 |
commit | fc2f73ddb5ecaca250daa7b034fe59fb8c47f570 (patch) | |
tree | f4287c3a90c32e2c9ea69c14085273ec32544749 /doc/drafts | |
parent | fe399a326506a9d8870cb7783a57495849793d2c (diff) | |
download | garage-fc2f73ddb5ecaca250daa7b034fe59fb8c47f570.tar.gz garage-fc2f73ddb5ecaca250daa7b034fe59fb8c47f570.zip |
BucketAllowKey and BucketDenyKey
Diffstat (limited to 'doc/drafts')
-rw-r--r-- | doc/drafts/admin-api.md | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/doc/drafts/admin-api.md b/doc/drafts/admin-api.md index 048b77fb..5dc3f127 100644 --- a/doc/drafts/admin-api.md +++ b/doc/drafts/admin-api.md @@ -456,3 +456,48 @@ or no alias at all. Deletes a storage bucket. A bucket cannot be deleted if it is not empty. Warning: this will delete all aliases associated with the bucket! + + +## Operations on permissions for keys on buckets + +### BucketAllowKey `POST /bucket/allow` + +Allows a key to do read/write/owner operations on a bucket. + +Request body format: + +```json +{ + "bucketId": "e6a14cd6a27f48684579ec6b381c078ab11697e6bc8513b72b2f5307e25fff9b", + "accessKeyId": "GK31c2f218a2e44f485b94239e", + "permissions": { + "read": true, + "write": true, + "owner": true + }, +} +``` + +Flags in `permissions` which have the value `true` will be activated. +Other flags will remain unchanged. + +### BucketDenyKey `POST /bucket/deny` + +Denies a key from doing read/write/owner operations on a bucket. + +Request body format: + +```json +{ + "bucketId": "e6a14cd6a27f48684579ec6b381c078ab11697e6bc8513b72b2f5307e25fff9b", + "accessKeyId": "GK31c2f218a2e44f485b94239e", + "permissions": { + "read": false, + "write": false, + "owner": true + }, +} +``` + +Flags in `permissions` which have the value `true` will be deactivated. +Other flags will remain unchanged. |