Policy-Based Access Control

[Nugine]

Simplify the implementation of policy-based access control for downstream projects.

Related Issues

• #64
• #154

References

• https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-policy-language-overview.html
• https://min.io/docs/minio/linux/administration/identity-access-management/policy-based-access-control.html
• https://crates.io/crates/aws-iam

Use cases

• https://github.com/ArunaStorage/aruna/blob/efada09decb1b7b419d43a30dd63b8dcbd55b7da/components/data_proxy/src/auth/auth.rs#L46

Steps

• [x] review downstream use cases
• [x] review how we support custom access control now
  • #170
• [x] add s3s-policy to provide policy models
  • #171
• [ ] add a simple policy evaluator
  • #181
• [ ] implement a demo in s3s-fs

Branch

• https://github.com/Nugine/s3s/tree/feat_pbac

[loverustfs]

It's so great. Thank you very much.