Eclipse Dataspace Components
How to handle cases requiring cross-account access? #44
-
|
Hello! Consider the S3-to-S3 transfer scenario when an artifact gets moved from one account to another. The consumer in this case will have to have Read access in order for the provider to copy the artifact. In the end, there will be n-to-n cross-account access relationships. How do you plan to handle this? |
Beta Was this translation helpful? Give feedback.
Replies: 0 comments 1 reply
-
|
This can be handled by temporary access tokens with restricted access permissions. For the case where the provider "pushes" data to a consumer bucket, it needs a temporary token to write date (no read access required). The S3 provisioner implementation already supports this scenario. |
Beta Was this translation helpful? Give feedback.
This can be handled by temporary access tokens with restricted access permissions. For the case where the provider "pushes" data to a consumer bucket, it needs a temporary token to write date (no read access required). The S3 provisioner implementation already supports this scenario.