Add Other CannedAccessControlList Server Config Options #38
Comments
|
Hi there! |
… of the CannedAccessControlListProperty (cannedAcl), which offers a superset of functionality to the PublicReadProperty. For backwards compatibility, CannedAccessControlListProperty is preferred, but falls back to PublicReadProperty if unset.
|
Thanks @gkatzioura . I have forked and created an initial implementation here: https://github.com/dancockerill/CloudStorageMaven/tree/feature/38 which has presumed the deprecation of the 'publicRead' property in favour of the more general 'cannedAcl' (or CANNED_ACL Env Var), in keeping with the naming of the property on the PutObjectRequest. If the cannedAcl property is not defined, it falls back to the publicRead property, but warns of possible future removal. Accepted values for the cannedAcl property are either the name from the CannedAccessControlList enum, or the API request header values, which are returned by the toString on the enum, also found here: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html. If neither are supplied it behaves as is now. I have not updated the documentation yet, as I thought I'd submit the proposed change first. Thanks, |
As an extension of #25, it would be really useful to include the other levels of CannedAccessControlList.
The main benefit being for cross-account S3 private bucket sharing, as currently if you push an artifact to someone else's bucket, they cannot access the artifact by default. One would need to set the the CannedAcl to BucketOwnerRead or BucketOwnerFullControl.
Thanks for maintaining this plugin btw, it's incredibly useful! Pleased to find this after realising the spring version hasn't been touched in ~7 years.
I'd be happy to put together and an implementation if you're accepting merge requests.
Thanks,
Dan
The text was updated successfully, but these errors were encountered: