Add 'objectAcl' Option to the S3 Storage Backend (#1867)

* Add Object ACL Support to the S3 Storage Backend Signed-off-by: Frank Chen <frankchn@gmail.com> * Made changes per @RichardScothern's comments Signed-off-by: Frank Chen <frankchn@gmail.com> * Fix Typos Signed-off-by: Frank Chen <frankchn@gmail.com>
2016-07-27 12:26:57 -07:00 · 2016-07-27 12:26:57 -07:00 · 87917f3052
commit 87917f3052
parent 4abae2ae56
3 changed files with 49 additions and 1 deletions
--- a/docs/storage-drivers/s3.md
+++ b/docs/storage-drivers/s3.md
@ -160,6 +160,17 @@ An implementation of the `storagedriver.StorageDriver` interface which uses Amaz
      The S3 storage class applied to each registry file. The default value is STANDARD.
    </td>
  </tr>
+  <tr>
+    <td>
+      <code>objectacl</code>
+    </td>
+    <td>
+      no
+    </td>
+    <td>
+      The S3 Canned ACL for objects. The default value is "private".
+    </td>
+  </tr>
 </table>


@ -189,6 +200,8 @@ An implementation of the `storagedriver.StorageDriver` interface which uses Amaz

 `storageclass`: (optional) The storage class applied to each registry file. Defaults to STANDARD. Valid options are STANDARD and REDUCED_REDUNDANCY.

+`objectacl`: (optional) The canned object ACL to be applied to each registry object. Defaults to `private`. If you are using a bucket owned by another AWS account, it is recommended that you set this to `bucket-owner-full-control` so that the bucket owner can access your objects. Other valid options are available in the [AWS S3 documentation](http://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl).
+
 ## S3 permission scopes

 The following IAM permissions are required by the registry for push and pull.  See [the S3 policy documentation](http://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html) for more details.