security - Is the Amazon S3 Bucket Policy equivalent in OpenStack Swift world? -
is amazon s3 bucket policy equivalent in openstack swift world? restrict access containers specific ip addresses. no other ip addresses should able access containers.
swift doesn't back upwards out of box.
however, implement swift middleware. much of openstack (including swift) built on python paste, see a do-it-yourself framework. using create middleware class much other swift middleware classes. note how each class has __call__ method, that's entry point. add together middleware pipeline in config proxy-server.conf.
so imagine middleware talk info store of ip addresses , check against ip address of incoming request, should able out of environ in __call__. middleware allow or deny request based on check.
if want going on developing this, checkout customize chapter of openstack operations guide.
security amazon-web-services amazon-s3 openstack openstack-swift
No comments:
Post a Comment