Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add option to set object ACL (or better) for cross-account push #1648

Open
akarve opened this issue May 26, 2020 · 0 comments
Open

Add option to set object ACL (or better) for cross-account push #1648

akarve opened this issue May 26, 2020 · 0 comments
Assignees
@sir-sigurd

Comments

@akarve
Copy link
Member

akarve commented May 26, 2020
edited
Loading

REPRO

  1. Start with package in bucket b, Account A p = (b, A)
  2. Push p to repository (b', A') and observe that objects are not accessible and not amenable to bucket policy

DESIRED
Cross-account push just works IF the user invokes as CLI/API flag to set object ACL as follow:

aws s3api put-object-acl --bucket destination_awsexamplebucket --key keyname --acl bucket-owner-full-control

Considerations

  • Don't do this by default for simplicity/efficiency?
  • Any performance implications?
  • Can we roll this ACL set into the existing PUT calls in quilt3 so as to avoid call overhead
  • Faster ways to do this? i.e. can we set an ACL for the entire session.
@akarve akarve changed the title Add option to set object ACL (or better) on cross-account push Add option to set object ACL (or better) for cross-account push Jun 3, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sir-sigurd sir-sigurd

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@sir-sigurd @akarve