Support different ak/sk for per Bucket?

[whybeyoung]

After read the doc, i don't find that how to set different ak/sk for per bucket. if not support, please suggest me how to adapt to this case. I'm not prefer start multiple s3proxy process to deal with it, it's very expensive

[gaul]

@timuralp I think you are looking into this?

[whybeyoung]

My case is a mulit teanant case, and i want to provide user with different bucket, every user can control their own bucket.

Now the s3proxy only provide one pair ak/sk, which has data leak in our case...

I thinks it's a useful feature in s3proxy...

[timuralp]

I'm investigating using the bucket to look up the blobstore in the blobstore locator. The s3proxy configuration would look like a collection of properties files, one per tenant, with a set of buckets per blobstore. @berlinsaint is that similar to your ask?

[whybeyoung]

I'm investigating using the bucket to look up the blobstore in the blobstore locator. The s3proxy configuration would look like a collection of properties files, one per tenant, with a set of buckets per blobstore. @berlinsaint is that similar to your ask?

It's similar, but not the same. if use multiple properties you said（and i have saw that indeed）, means it will restart or then reload the config properties , which sounds like not very graceful. in additionaly, it will provide a set of buckets not only one ...

I saw that the doc mentioned that not support acl, disappointed a little... maybe this feature is related to “multiple user and give them different bucket access"?

[Jayd603]

I get what whybeyoung is trying to do here, he wants s3proxy to handle many different properties files (and thus credentials that go to different buckets/backends) and be able to add/remove them gracefully without a hard restart of s3proxy that disrupts connections. gaul - how difficult do you think that would be?