You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When using the registry with the S3 storage driver, write operations fail with an s3aws: AccessDenied error when bucket permissions are configured with an s3:prefix condition. This has worked with the 2.8.3 version of the registry but now fails with 3.0.0-alpha1
When removing the s3:prefix condition from the IAM policy, uploads works again as expected.
Reproduce
Apply an IAM policy as show below
Configure the S3 storage driver with a rootdirectory option defining the subpath access is restricted to
Push a layer to the registry (we use it as cache for buildah)
Description
When using the registry with the S3 storage driver, write operations fail with an
s3aws: AccessDenied
error when bucket permissions are configured with an s3:prefix condition. This has worked with the 2.8.3 version of the registry but now fails with 3.0.0-alpha1When removing the s3:prefix condition from the IAM policy, uploads works again as expected.
Reproduce
rootdirectory
option defining the subpath access is restricted toExpected behavior
No response
registry version
3.0.0-alpha1
Additional Info
IAM permission policy:
Registry logs:
The text was updated successfully, but these errors were encountered: