diff --git a/conf/iam_rules.json b/conf/iam_rules.json index 326ebfc2..c6b0d4de 100644 --- a/conf/iam_rules.json +++ b/conf/iam_rules.json @@ -54,5 +54,35 @@ ] } ] + }, + "account2:admin": { + "Statement": [ + { + "Sid": "FullAccess", + "Action": [ + "s3:*" + ], + "Effect": "Allow", + "Resource": [ + "*" + ] + } + ] + }, + "account2:user1": { + "Statement": [ + { + "Sid": "SharedBucketAllObjects", + "Action": [ + "s3:GetObject", + "s3:ListBucket" + ], + "Effect": "Allow", + "Resource": [ + "arn:aws:s3:::sharedbucket", + "arn:aws:s3:::sharedbucket/*" + ] + } + ] } } diff --git a/conf/s3-iam.cfg.in b/conf/s3-iam.cfg.in index 95512234..1fce9e2c 100644 --- a/conf/s3-iam.cfg.in +++ b/conf/s3-iam.cfg.in @@ -73,6 +73,11 @@ user_demo_demo = DEMO_PASS .admin # Unpriviledged user of the account AUTH_demo user_demo_user1 = USER_PASS +# Main user of the account AUTH_account2 +user_account2_admin = ADMIN_PASS .admin +# Unpriviledged user of the account AUTH_account2 +user_account2_user1 = USER_PASS + [filter:versioned_writes] use = egg:oioswift#versioned_writes allow_versioned_writes = true diff --git a/tests/functional/common.sh b/tests/functional/common.sh index e6ac944a..efbbf18b 100755 --- a/tests/functional/common.sh +++ b/tests/functional/common.sh @@ -73,6 +73,14 @@ aws_secret_access_key=DEMO_PASS [user1] aws_access_key_id=demo:user1 aws_secret_access_key=USER_PASS + +[a2adm] +aws_access_key_id=account2:admin +aws_secret_access_key=ADMIN_PASS + +[a2u1] +aws_access_key_id=account2:user1 +aws_secret_access_key=USER_PASS EOF cat <"$HOME/.aws/config" @@ -85,6 +93,22 @@ s3 = multipart_chunksize = 5MB [profile user1] +s3 = + signature_version = s3 + max_concurrent_requests = 10 + max_queue_size = 100 + multipart_threshold = 15MB + multipart_chunksize = 5MB + +[profile a2adm] +s3 = + signature_version = s3 + max_concurrent_requests = 10 + max_queue_size = 100 + multipart_threshold = 15MB + multipart_chunksize = 5MB + +[profile a2u1] s3 = signature_version = s3 max_concurrent_requests = 10