[Cyberduck-trac] [Cyberduck] #9635: S3 - allow IAM roles without root listing?
Cyberduck
trac at trac.cyberduck.io
Tue Jul 26 07:46:39 UTC 2016
#9635: S3 - allow IAM roles without root listing?
----------------------------+------------------------
Reporter: Guido | Owner:
Type: enhancement | Status: new
Priority: low | Milestone:
Component: s3 | Version: 5.0.3
Severity: minor | Keywords: s3 iam
Architecture: Intel | Platform: Windows 10
----------------------------+------------------------
Before the last update we could use our IAM account for controlling access
to just a specific bucket by setting the right initial bucket to connect
to in the connection settings. (The IAM role is not allowed to list all
the buckets - least privilige access for optimum security!)
Since the last update this does not work anymore,
according to the documentation this should not have worked in the first
place, stating that the accounts must have root access.
This is really counter optimum security practice and since it used to work
we where hoping if this might be something to bring back in future
versions?
cheers!
--
Ticket URL: <https://trac.cyberduck.io/ticket/9635>
Cyberduck <https://cyberduck.io>
Libre FTP, SFTP, WebDAV, S3 & OpenStack Swift browser for Mac and Windows
More information about the Cyberduck-trac
mailing list