Chris Lu
49a64f50f1
Add session policy support to IAM (#8338)
* Add session policy support to IAM
- Implement policy evaluation for session tokens in policy_engine.go
- Add session_policy field to session claims for tracking applied policies
- Update STS service to include session policies in token generation
- Add IAM integration tests for session policy validation
- Update IAM manager to support policy attachment to sessions
- Extend S3 API STS endpoint to handle session policy restrictions
* fix: optimize session policy evaluation and add documentation
* sts: add NormalizeSessionPolicy helper for inline session policies
* sts: support inline session policies for AssumeRoleWithWebIdentity and credential-based flows
* s3api: parse and normalize Policy parameter for STS HTTP handlers
* tests: add session policy unit tests and integration tests for inline policy downscoping
* tests: add s3tables STS inline policy integration
* iam: handle user principals and validate tokens
* sts: enforce inline session policy size limit
* tests: harden s3tables STS integration config
* iam: clarify principal policy resolution errors
* tests: improve STS integration endpoint selection
2026-02-13 13:58:22 -08:00
..
2026-02-13 13:58:22 -08:00
2026-01-12 10:45:24 -08:00
2026-01-29 20:03:43 -08:00
2026-02-13 13:58:22 -08:00
2025-12-29 20:17:23 -08:00
2026-02-13 13:58:22 -08:00
2025-08-30 11:15:48 -07:00
2026-02-13 13:58:22 -08:00
2026-01-09 11:55:17 -08:00
2026-01-09 11:55:17 -08:00
2025-12-24 10:29:30 -08:00
2025-12-29 20:17:23 -08:00