在OpenStack Swift世界中,Amazon S3 Bucket Policy是否相同?

[英]Is the Amazon S3 Bucket Policy equivalent in OpenStack Swift world?


Is the Amazon S3 Bucket Policy equivalent in OpenStack Swift world? We would like to restrict access for certain containers to specific IP addresses. No other IP addresses should be able to access those containers.

在OpenStack Swift世界中,Amazon S3 Bucket Policy是否相同?我們希望將某些容器的訪問權限限制為特定的IP地址。沒有其他IP地址應該能夠訪問這些容器。

1 个解决方案

#1


2  

Swift doesn't support this out of the box.

Swift不支持開箱即用。

However, you could implement this yourself with some Swift middleware. Much of OpenStack (including Swift) is built on Python Paste, see A Do-It-Yourself Framework. Using this you could create a middleware class much like the other Swift middleware classes. Note how each class has a __call__ method, that's the entry point. You would then add you middleware to the pipeline in the config for proxy-server.conf.

但是,您可以使用一些Swift中間件自己實現。很多OpenStack(包括Swift)都是基於Python Paste構建的,請參閱“自己動手”框架。使用它可以創建一個中間件類,就像其他Swift中間件類一樣。請注意每個類如何使用__call__方法,這是入口點。然后,您將在proxy-server.conf的config中將中間件添加到管道中。

So imagine that your middleware could talk to some data store of IP addresses and check it against the IP address of the incoming request, which you should be able to get out of environ in __call__. Then the middleware would allow or deny the request based on that check.

因此,假設您的中間件可以與IP地址的某些數據存儲進行通信,並根據傳入請求的IP地址進行檢查,您應該能夠從__call__中獲取環境。然后,中間件將根據該檢查允許或拒絕請求。

If you really want to get going on developing something like this, checkout the Customize chapter of the OpenStack Operations Guide.

如果你真的想繼續開發這樣的東西,請查看OpenStack操作指南的Customize章節。


注意!

本站翻译的文章,版权归属于本站,未经许可禁止转摘,转摘请注明本文地址:https://www.itdaan.com/blog/2013/02/16/7257f55417a6b5717be5c9528a83b75c.html



 
粤ICP备14056181号  © 2014-2021 ITdaan.com