diff options
| author | Chris Lu <chris.lu@gmail.com> | 2020-02-09 14:30:02 -0800 |
|---|---|---|
| committer | Chris Lu <chris.lu@gmail.com> | 2020-02-09 14:30:02 -0800 |
| commit | 9ed364f053ff3a5c8675d33358a4cc7f63a79985 (patch) | |
| tree | ce2b55ad035e49590df682bc9994678fe9211b1c /weed/command/s3.go | |
| parent | 8d94564f4152cd890d5896a3dedf5e7589c5023e (diff) | |
| download | seaweedfs-9ed364f053ff3a5c8675d33358a4cc7f63a79985.tar.xz seaweedfs-9ed364f053ff3a5c8675d33358a4cc7f63a79985.zip | |
support acl
Diffstat (limited to 'weed/command/s3.go')
| -rw-r--r-- | weed/command/s3.go | 52 |
1 files changed, 51 insertions, 1 deletions
diff --git a/weed/command/s3.go b/weed/command/s3.go index 10a486657..4538f2135 100644 --- a/weed/command/s3.go +++ b/weed/command/s3.go @@ -22,6 +22,7 @@ type S3Options struct { filer *string filerBucketsPath *string port *int + config *string domainName *string tlsPrivateKey *string tlsCertificate *string @@ -33,15 +34,63 @@ func init() { s3StandaloneOptions.filerBucketsPath = cmdS3.Flag.String("filer.dir.buckets", "/buckets", "folder on filer to store all buckets") s3StandaloneOptions.port = cmdS3.Flag.Int("port", 8333, "s3 server http listen port") s3StandaloneOptions.domainName = cmdS3.Flag.String("domainName", "", "suffix of the host name, {bucket}.{domainName}") + s3StandaloneOptions.config = cmdS3.Flag.String("config", "", "path to the config file") s3StandaloneOptions.tlsPrivateKey = cmdS3.Flag.String("key.file", "", "path to the TLS private key file") s3StandaloneOptions.tlsCertificate = cmdS3.Flag.String("cert.file", "", "path to the TLS certificate file") } var cmdS3 = &Command{ - UsageLine: "s3 -port=8333 -filer=<ip:port>", + UsageLine: "s3 [-port=8333] [-filer=<ip:port>] [-config=</path/to/config.json>]", Short: "start a s3 API compatible server that is backed by a filer", Long: `start a s3 API compatible server that is backed by a filer. + By default, you can use any access key and secret key to access the S3 APIs. + To enable credential based access, create a config.json file similar to this: + +{ + "identities": [ + { + "name": "some_name", + "credentials": [ + { + "accessKey": "some_access_key1", + "secretKey": "some_secret_key2" + } + ], + "actions": [ + "Admin", + "Read", + "Write" + ] + }, + { + "name": "some_read_only_user", + "credentials": [ + { + "accessKey": "some_access_key1", + "secretKey": "some_secret_key1" + } + ], + "actions": [ + "Read" + ] + }, + { + "name": "some_normal_user", + "credentials": [ + { + "accessKey": "some_access_key2", + "secretKey": "some_secret_key2" + } + ], + "actions": [ + "Read", + "Write" + ] + } + ] +} + `, } @@ -66,6 +115,7 @@ func (s3opt *S3Options) startS3Server() bool { _, s3ApiServer_err := s3api.NewS3ApiServer(router, &s3api.S3ApiServerOption{ Filer: *s3opt.filer, FilerGrpcAddress: filerGrpcAddress, + Config: *s3opt.config, DomainName: *s3opt.domainName, BucketsPath: *s3opt.filerBucketsPath, GrpcDialOption: security.LoadClientTLS(util.GetViper(), "grpc.client"), |