gsh-digital-services/seaweedFS
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
49a64f50f1f67f6d69133167cc1339052d3f4c92
seaweedFS/weed
History
Chris Lu 49a64f50f1 Add session policy support to IAM (#8338) 
* Add session policy support to IAM

- Implement policy evaluation for session tokens in policy_engine.go
- Add session_policy field to session claims for tracking applied policies
- Update STS service to include session policies in token generation
- Add IAM integration tests for session policy validation
- Update IAM manager to support policy attachment to sessions
- Extend S3 API STS endpoint to handle session policy restrictions

* fix: optimize session policy evaluation and add documentation

* sts: add NormalizeSessionPolicy helper for inline session policies

* sts: support inline session policies for AssumeRoleWithWebIdentity and credential-based flows

* s3api: parse and normalize Policy parameter for STS HTTP handlers

* tests: add session policy unit tests and integration tests for inline policy downscoping

* tests: add s3tables STS inline policy integration

* iam: handle user principals and validate tokens

* sts: enforce inline session policy size limit

* tests: harden s3tables STS integration config

* iam: clarify principal policy resolution errors

* tests: improve STS integration endpoint selection
2026-02-13 13:58:22 -08:00
..
admin
admin: fix file browser items-per-page selector (#8291)
2026-02-10 12:56:34 -08:00
cluster
go fmt
2026-01-28 14:34:07 -08:00
command
Switch empty-folder cleanup to bucket policy (#8292)
2026-02-10 18:38:38 -08:00
credential
Fix: filer not yet available in s3.configure (#8198)
2026-02-03 17:43:58 -08:00
filer
Switch empty-folder cleanup to bucket policy (#8292)
2026-02-10 18:38:38 -08:00
filer_client
Clean up logs and deprecated functions (#7339)
2025-10-17 22:11:50 -07:00
glog
chore: execute goimports to format the code (#7983)
2026-01-07 13:06:08 -08:00
iam
Add session policy support to IAM (#8338)
2026-02-13 13:58:22 -08:00
iamapi
Refactor Admin UI to use unified IAM storage and add MultipleFileStore (#8101)
2026-01-23 20:12:59 -08:00
images
chore: execute goimports to format the code (#7983)
2026-01-07 13:06:08 -08:00
kms
S3 API: Add integration with KMS providers (#7152)
2025-08-22 22:10:30 -07:00
mount
mount: refresh and evict hot dir cache (#8174)
2026-01-31 13:46:37 -08:00
mq
cast i to int64 first, ensuring the calculation happens in 64-bit space
2026-01-22 14:05:45 -08:00
notification
chore: execute goimports to format the code (#7983)
2026-01-07 13:06:08 -08:00
operation
Fix filer.sync retry on stale chunk (#8298)
2026-02-10 19:06:35 -08:00
pb
pb: fix IPv6 double brackets in ServerAddress formatting (#8329)
2026-02-12 18:11:03 -08:00
query
fix: comprehensive go vet error fixes and add CI enforcement (#7861)
2025-12-23 14:48:50 -08:00
remote_storage
Explicitly disable signing for public buckets. (#8263)
2026-02-09 11:28:07 -08:00
replication
filer.sync: support manifest chunks (#8299)
2026-02-10 20:18:35 -08:00
s3api
Add session policy support to IAM (#8338)
2026-02-13 13:58:22 -08:00
security
feat: Optional path-prefix and method scoping for Filer HTTP JWT (#8014)
2026-01-12 13:21:48 -08:00
sequence
chore: execute goimports to format the code (#7983)
2026-01-07 13:06:08 -08:00
server
Implement local scrubbing for EC volumes. (#8283)
2026-02-11 11:04:08 -08:00
sftpd
SFTP: support reloading user store on HUP signal (#7651)
2025-12-08 01:24:42 -08:00
shell
Fix file stat collection metric bug for the cluster.status command. (#8302)
2026-02-11 13:34:20 -08:00
static
Fix Broken Links (#5287)
2024-02-14 08:26:38 -08:00
stats
chore: execute goimports to format the code (#7983)
2026-01-07 13:06:08 -08:00
storage
Fix LevelDB panic on lazy reload (#8269) (#8307)
2026-02-11 14:17:21 -08:00
telemetry
Prevent split-brain: Persistent ClusterID and Join Validation (#8022)
2026-01-18 14:02:34 -08:00
topology
Fix concurrent map access in EC shards info (#8222)
2026-02-05 10:24:18 -08:00
util
pb: fix IPv6 double brackets in ServerAddress formatting (#8329)
2026-02-12 18:11:03 -08:00
wdclient
Fix S3 Gateway Read Failover #8076 (#8087)
2026-01-22 14:07:24 -08:00
worker
logging and debugging
2026-02-04 12:44:52 -08:00
Makefile
Update README and weed/Makefile (#7571)
2025-11-29 11:36:22 -08:00
weed.go
Fix the issue where fuse command on a node cannot specify multiple configuration directory paths (#7874)
2025-12-25 11:36:38 -08:00