|
1 | 1 | [NooBaa Core](../../README.md) / |
2 | 2 |
|
3 | 3 | # AWS APIs Compatibility Table |
4 | | -The chart below strives to provide an up-to-date overview of which AWS API calls are supported by NooBaa, and to what extent. |
5 | | -Actions that are absent from the table are entirely unsupported*. |
6 | | -The table is split into categories, each containing a list of features and their corresponding API actions. |
7 | | -NooBaa utilizes different implementations of API calls for different storage providers, so the table is split into columns for each provider to indicate whether it's supported or not. |
| 4 | +The chart below strives to provide an up-to-date overview of which AWS API calls are supported by NooBaa, and to what extent. |
| 5 | +Actions that are absent from the table are entirely *unsupported*. |
| 6 | + |
| 7 | +## S3 API |
| 8 | +The table is split into categories, each containing a list of features and their corresponding API actions. |
| 9 | +NooBaa utilizes different implementations of API calls for different storage providers, so the table is split into columns for each provider to indicate whether it's supported or not. |
| 10 | + |
8 | 11 | The store types currently included in the table are backingstore (regardless of storage provider), namespace filesystem (NSFS), namespace for Amazon Web Services, and namespace for Microsoft Azure. |
9 | 12 | For more information, see [S3 Compatibility](https://github.com/noobaa/noobaa-operator/tree/master/doc/s3-compatibility.md), [Bucket Types](https://github.com/noobaa/noobaa-operator/tree/master/doc/bucket-types.md), [Backingstore CRD](https://github.com/noobaa/noobaa-operator/blob/master/doc/backing-store-crd.md) and [Namespacestore CRD](https://github.com/noobaa/noobaa-operator/blob/master/doc/namespace-store-crd.md). |
10 | 13 |
|
@@ -71,16 +74,34 @@ _* Note that it is also possible for actions to be supported but absent because |
71 | 74 | | **Security** | Encryption | GetBucketEncryption | ✅ | ✅ | ❌ | ❌ | | |
72 | 75 | | | Encryption | PutBucketEncryption | ✅ | ✅* | ❌ | ❌ | *Additional automation setup is needed (NooBaa only verifies that the FS encryption matches the bucket configuration | |
73 | 76 | | | Encryption | DeleteBucketEncryption | ✅ | ✅ | ❌ | ❌ | | |
74 | | -| **STS API** | Session Tokens | AssumeRole | ✅ | ✅ | ❌ | ❌ | | |
75 | | -| **IAM API*** | Users | GetUser | ❌ | ✅ | ❌ | ❌ | | |
76 | | -| | Users | CreateUser | ❌ | ✅ | ❌ | ❌ | | |
77 | | -| | Users | UpdateUser | ❌ | ✅ | ❌ | ❌ | | |
78 | | -| | Users | DeleteUser | ❌ | ✅ | ❌ | ❌ | | |
79 | | -| | Users | ListUsers | ❌ | ✅* | ❌ | ❌ | *No pagination support | |
80 | | -| | Access Keys | GetAccessKeyLastUsed | ❌ | ✅* | ❌ | ❌ | *Partially implemented | |
81 | | -| | Access Keys | CreateAccessKey | ❌ | ✅ | ❌ | ❌ | | |
82 | | -| | Access Keys | UpdateAccessKey | ❌ | ✅ | ❌ | ❌ | | |
83 | | -| | Access Keys | DeleteAccessKey | ❌ | ✅ | ❌ | ❌ | | |
84 | | -| | Access Keys | ListAccessKeys | ❌ | ✅* | ❌ | ❌ | *No pagination support | |
85 | 77 |
|
86 | | -_* IAM API uses a different port than the S3 API, and needs to be manually enabled prior to use._ |
| 78 | + |
| 79 | +## IAM and STS API |
| 80 | +The following table compares the actions of managing entities between NooBaa deployments: |
| 81 | +1. NooBaa non-containerized deployment (NC) |
| 82 | +2. Containerized deployment |
| 83 | + |
| 84 | +| Category | Feature | API Action | Containerized | NC | Comments | |
| 85 | +|:---------------------:|:-------------------------------:|:---------------------------------:|:-------------:|:------:|-------------------------------------------------------------------------| |
| 86 | +| **STS API** | Session Tokens | AssumeRole | ✅ | ❌ | | |
| 87 | +| **IAM API** | Users | CreateUser | ✅ | ✅ | | |
| 88 | +| | Users | GetUser | ✅ | ✅ | | |
| 89 | +| | Users | UpdateUser | ✅ | ✅ | | |
| 90 | +| | Users | DeleteUser | ✅ | ✅ | | |
| 91 | +| | Users | ListUsers | ✅ | ✅ | *No pagination support| |
| 92 | +| | Access Keys | CreateAccessKey | ✅ | ✅ | | |
| 93 | +| | Access Keys | GetAccessKeyLastUsed | ✅ | ✅ | *Partially implemented| |
| 94 | +| | Access Keys | UpdateAccessKey | ✅ | ✅ | | |
| 95 | +| | Access Keys | DeleteAccessKey | ✅ | ✅ | | |
| 96 | +| | Access Keys | ListAccessKeys | ✅ | ✅ | *No pagination support| |
| 97 | +| | Tag User | TagUser | ✅ | ❌ | | |
| 98 | +| | Tag User | UntagUser | ✅ | ❌ | | |
| 99 | +| | Tag User | ListUserTags | ✅ | ❌ | *No pagination support| |
| 100 | +| | IAM Policy | PutUserPolicy | ✅ | ❌ | | |
| 101 | +| | IAM Policy | GetUserPolicy | ✅ | ❌ | | |
| 102 | +| | IAM Policy | DeleteUserPolicy | ✅ | ❌ | | |
| 103 | +| | IAM Policy | ListUserPolicies | ✅ | ❌ | *No pagination support| |
| 104 | + |
| 105 | +Notes: |
| 106 | +- IAM API uses a different port than the S3 API (and needs to be manually enabled before use in NC deployments). |
| 107 | +- The specific supported request parameters in IAM are detailed in the [IAM Design](./iam.md#supported-actions-and-their-request-parameters). |
0 commit comments