seaweedfs/.git - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Chris Lu <chrislusf@users.noreply.github.com>	2025-12-12 14:45:23 -0800
committer	GitHub <noreply@github.com>	2025-12-12 14:45:23 -0800
commit	6fb3ec968d64e867ceb52c4f1db45c80309d91dd (patch)
tree	20caeebbd546b3a5a831445a39399c53f2051e24 /weed/shell
parent	b0e0c5aaabd393ca633c9c1e5d24d15d47e05bec (diff)
download	seaweedfs-6fb3ec968d64e867ceb52c4f1db45c80309d91dd.tar.xz seaweedfs-6fb3ec968d64e867ceb52c4f1db45c80309d91dd.zip

s3: allow -s3.config and -s3.iam.config to work together (#7727)

When both -s3.config and -s3.iam.config are configured, traditional credentials from -s3.config were failing with Access Denied because the authorization code always used IAM authorization when IAM integration was configured. The fix checks if the identity has legacy Actions (from -s3.config). If so, use the legacy canDo() authorization. Only use IAM authorization for JWT/STS identities that don't have legacy Actions. This allows both configuration options to coexist: - Traditional credentials use legacy authorization - JWT/STS credentials use IAM authorization Fixes #7720

Diffstat (limited to 'weed/shell')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: