s3proxy icon indicating copy to clipboard operation
s3proxy copied to clipboard

Published 20 hours ago verified publisher icon gaul

Azure - buckets restriction

Open arkpoah opened this issue 2 years ago • 3 comments

I need to migrate from Zenko and I tried S3Proxy which seems to fit the need. In Zenko, each account has access to buckets we specify, but with S3Proxy I don't find how to limit access to an Azure container in a same storage account in a S3Proxy instance. Is there a way to do that or a S3Proxy instance with Azure in backend necessarily has access to all storage accounts's containers ?

arkpoah avatar Dec 06 '22 09:12 arkpoah

Same issue, how to restrict to a single bucket always?

Upanshu11 avatar Dec 21 '22 15:12 Upanshu11

I think S3Proxy could add a middleware for this. The user would provide a configuration of the allowed buckets and S3Proxy would enforce that each operation consulted the allowlist. I guess listBuckets would also need to filter.

gaul avatar Dec 21 '22 23:12 gaul

List bucket would then rather have to list the "folders" present inside a specific container as "buckets", rather than listing all the available "containers". You see in zenko cloudserver, the configuration was to create buckets inside a specific container only. For cloudserver, those were buckets, but for azure, those were "folders" inside a container.

Upanshu11 avatar Jan 06 '23 15:01 Upanshu11