You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

Tree: 7eb23464f3

add-ec-vacuum

add-foundation-db

add_fasthttp_client

add_remote_storage

adding-message-queue-integration-tests

avoid_releasing_temp_file_on_write

changing-to-zap

collect-public-metrics

create-table-snapshot-api-design

data_query_pushdown

dependabot/github_actions/actions/dependency-review-action-4.8.1

dependabot/github_actions/github/codeql-action-4

dependabot/go_modules/cloud.google.com/go/kms-1.23.1

dependabot/go_modules/cloud.google.com/go/storage-1.57.0

dependabot/go_modules/github.com/Azure/azure-sdk-for-go/sdk/azidentity-1.13.0

dependabot/go_modules/github.com/go-redsync/redsync/v4-4.14.0

dependabot/go_modules/github.com/seaweedfs/raft-1.1.5

dependabot/maven/other/java/client/com.google.protobuf-protobuf-java-3.25.5

dependabot/maven/other/java/examples/org.apache.hadoop-hadoop-common-3.4.0

detect-and-plan-ec-tasks

do-not-retry-if-error-is-NotFound

fasthttp

filer1_maintenance_branch

fix-GetObjectLockConfigurationHandler

fix-race-condition

fix-versioning-listing-only

ftp

gh-pages

improve-fuse-mount

improve-fuse-mount2

logrus

master

message_send

mount2

mq-subscribe

mq2

original_weed_mount

random_access_file

refactor-needle-read-operations

refactor-volume-write

remote_overlay

revert-5134-patch-1

revert-5819-patch-1

revert-6434-bugfix-missing-s3-audit

s3-select

sub

tcp_read

test-reverting-lock-table

test_udp

testing

testing-sdx-generation

tikv

track-mount-e2e

volume_buffered_writes

worker-execute-ec-tasks

0.72

0.72.release

0.73

0.74

0.75

0.76

0.77

0.90

0.91

0.92

0.93

0.94

0.95

0.96

0.97

0.98

0.99

1.00

1.01

1.02

1.03

1.04

1.05

1.06

1.07

1.08

1.09

1.10

1.11

1.12

1.14

1.15

1.16

1.17

1.18

1.19

1.20

1.21

1.22

1.23

1.24

1.25

1.26

1.27

1.28

1.29

1.30

1.31

1.32

1.33

1.34

1.35

1.36

1.37

1.38

1.40

1.41

1.42

1.43

1.44

1.45

1.46

1.47

1.48

1.49

1.50

1.51

1.52

1.53

1.54

1.55

1.56

1.57

1.58

1.59

1.60

1.61

1.61RC

1.62

1.63

1.64

1.65

1.66

1.67

1.68

1.69

1.70

1.71

1.72

1.73

1.74

1.75

1.76

1.77

1.78

1.79

1.80

1.81

1.82

1.83

1.84

1.85

1.86

1.87

1.88

1.90

1.91

1.92

1.93

1.94

1.95

1.96

1.97

1.98

1.99

1;70

2.00

2.01

2.02

2.03

2.04

2.05

2.06

2.07

2.08

2.09

2.10

2.11

2.12

2.13

2.14

2.15

2.16

2.17

2.18

2.19

2.20

2.21

2.22

2.23

2.24

2.25

2.26

2.27

2.28

2.29

2.30

2.31

2.32

2.33

2.34

2.35

2.36

2.37

2.38

2.39

2.40

2.41

2.42

2.43

2.47

2.48

2.49

2.50

2.51

2.52

2.53

2.54

2.55

2.56

2.57

2.58

2.59

2.60

2.61

2.62

2.63

2.64

2.65

2.66

2.67

2.68

2.69

2.70

2.71

2.72

2.73

2.74

2.75

2.76

2.77

2.78

2.79

2.80

2.81

2.82

2.83

2.84

2.85

2.86

2.87

2.88

2.89

2.90

2.91

2.92

2.93

2.94

2.95

2.96

2.97

2.98

2.99

3.00

3.01

3.02

3.03

3.04

3.05

3.06

3.07

3.08

3.09

3.10

3.11

3.12

3.13

3.14

3.15

3.16

3.18

3.19

3.20

3.21

3.22

3.23

3.24

3.25

3.26

3.27

3.28

3.29

3.30

3.31

3.32

3.33

3.34

3.35

3.36

3.37

3.38

3.39

3.40

3.41

3.42

3.43

3.44

3.45

3.46

3.47

3.48

3.50

3.51

3.52

3.53

3.54

3.55

3.56

3.57

3.58

3.59

3.60

3.61

3.62

3.63

3.64

3.65

3.66

3.67

3.68

3.69

3.71

3.72

3.73

3.74

3.75

3.76

3.77

3.78

3.79

3.80

3.81

3.82

3.83

3.84

3.85

3.86

3.87

3.88

3.89

3.90

3.91

3.92

3.93

3.94

3.95

3.96

3.97

dev

helm-3.65.1

v0.69

v0.70beta

v3.33

Branches Tags

${ item.name }

Create tag ${ searchTerm }

Create branch ${ searchTerm }

from '7eb23464f3'

${ noResults }

seaweedfs/weed

History

chrislu 7eb23464f3 🚀 S3 MULTIPART UPLOAD IAM INTEGRATION COMPLETE: Advanced Policy-Controlled Multipart Operations! STEP 4 MILESTONE: Full IAM Integration for S3 Multipart Upload Operations 🏆 PRODUCTION-READY MULTIPART IAM SYSTEM: - S3MultipartIAMManager: Complete multipart operation validation - ValidateMultipartOperationWithIAM: Policy-based multipart authorization - MultipartUploadPolicy: Comprehensive security policy validation - Session token extraction from multiple sources (Bearer, X-Amz-Security-Token) ✅ COMPREHENSIVE IAM INTEGRATION: - Multipart operation mapping (initiate, upload_part, complete, abort, list) - Principal ARN validation with assumed role format (MultipartUser/session) - S3 action determination for multipart operations - Policy evaluation before operation execution - Enhanced IAM handlers for all multipart operations 🚀 ROBUST SECURITY & POLICY ENFORCEMENT: - Part size validation (5MB-5GB AWS limits) - Part number validation (1-10,000 parts) - Content type restrictions and validation - Required headers enforcement - IP whitelisting support for multipart operations - Upload duration limits (7 days default) ✅ COMPREHENSIVE TEST COVERAGE (100% PASSING - 25/25): - TestMultipartIAMValidation: Operation authorization (7/7) ✅ • Initiate multipart upload with session tokens ✅ • Upload part with IAM policy validation ✅ • Complete/Abort multipart with proper permissions ✅ • List operations with appropriate roles ✅ • Invalid session token handling (ErrAccessDenied) ✅ - TestMultipartUploadPolicy: Policy validation (7/7) ✅ • Part size limits and validation ✅ • Part number range validation ✅ • Content type restrictions ✅ • Required headers validation (fixed order) ✅ - TestMultipartS3ActionMapping: Action mapping (7/7) ✅ - TestSessionTokenExtraction: Token source handling (5/5) ✅ - TestUploadPartValidation: Request validation (4/4) ✅ 🎯 AWS S3-COMPATIBLE FEATURES: - All standard multipart operations (initiate, upload, complete, abort, list) - AWS-compatible error handling (ErrAccessDenied for auth failures) - Multipart session management with IAM integration - Part-level validation and policy enforcement - Upload cleanup and expiration management 🔧 KEY BUG FIXES RESOLVED: - Fixed name collision: CompleteMultipartUpload enum → MultipartOpComplete - Fixed error handling: ErrInternalError → ErrAccessDenied for auth failures - Fixed validation order: Required headers checked before content type - Enhanced token extraction from Authorization header, X-Amz-Security-Token - Proper principal ARN construction for multipart operations �� ENTERPRISE SECURITY FEATURES: - Maximum part size enforcement (5GB AWS limit) - Minimum part size validation (5MB, except last part) - Maximum parts limit (10,000 AWS limit) - Content type whitelisting for uploads - Required headers enforcement (e.g., Content-Type) - IP address restrictions via policy conditions - Session-based access control with JWT tokens This completes advanced IAM integration for all S3 multipart upload operations with comprehensive policy enforcement and AWS-compatible behavior! Next: S3-Specific IAM Policy Templates & Examples		2 months ago
..
admin	Admin UI: Fetch task logs (#7114)	2 months ago
cluster	add CORS tests (#7001)	3 months ago
command	S3 API: Add integration with KMS providers (#7152)	2 months ago
credential	Filer Store: postgres backend support pgbouncer (#7077)	2 months ago
filer	S3 API: Add SSE-KMS (#7144)	2 months ago
filer_client	Admin UI: Add message queue to admin UI (#6958)	3 months ago
glog	convert error fromating to %w everywhere (#6995)	3 months ago
iam	🔧 TDD Support: Enhanced Mock Providers & Policy Validation	2 months ago
iamapi	convert error fromating to %w everywhere (#6995)	3 months ago
images	Migrates from disintegration/imaging c2019 to cognusion/imaging c2024. (#5533)	1 year ago
kms	S3 API: Add integration with KMS providers (#7152)	2 months ago
mount	weed/mount: refactor to use atomic type (#7157)	2 months ago
mq	Context cancellation during reading range reading large files (#7093)	2 months ago
notification	fix: dead letter message log message (#7072)	3 months ago
operation	S3 API: Add SSE-S3 (#7151)	2 months ago
pb	S3 API: Add SSE-S3 (#7151)	2 months ago
query	move to https://github.com/seaweedfs/seaweedfs	3 years ago
remote_storage	fix for baidu cloud storage	2 months ago
replication	convert error fromating to %w everywhere (#6995)	3 months ago
s3api	🚀 S3 MULTIPART UPLOAD IAM INTEGRATION COMPLETE: Advanced Policy-Controlled Multipart Operations!	2 months ago
security	remove spoof-able request header (#7103)	2 months ago
sequence	remove unused function	1 year ago
server	S3 API: Add integration with KMS providers (#7152)	2 months ago
sftpd	convert error fromating to %w everywhere (#6995)	3 months ago
shell	Shell: support regular expression for collection selection (#7158)	2 months ago
static	Fix Broken Links (#5287)	2 years ago
stats	[volume] refactor and add metrics for flight upload and download data limit condition (#6920)	4 months ago
storage	volume server UI: fix ec volume ui (#7104)	2 months ago
telemetry	convert error fromating to %w everywhere (#6995)	3 months ago
topology	select the appropriate functions based on the useReservations flag	2 months ago
util	S3 API: Add SSE-KMS (#7144)	2 months ago
wdclient	convert error fromating to %w everywhere (#6995)	3 months ago
worker	S3 API: Add SSE-KMS (#7144)	2 months ago
Makefile	test versioning also (#7000)	3 months ago
weed.go	set exit status	7 months ago