Skip to content

Add uri flag for s3 path style addressing configuration#49835

Merged
EdwardDowling merged 2 commits intomasterfrom
edwarddowling/path-style
Feb 10, 2025
Merged

Add uri flag for s3 path style addressing configuration#49835
EdwardDowling merged 2 commits intomasterfrom
edwarddowling/path-style

Conversation

@EdwardDowling
Copy link
Copy Markdown
Contributor

@EdwardDowling EdwardDowling commented Dec 5, 2024
edited by hugoShaka
Loading

Add ability to disable path-style S3 access for third-party endpoints.

part of: #48451
Fixes https://github.com/gravitational/customer-sensitive-requests/issues/346

changelog: Add ability to disable path-style S3 access for third-party endpoints.

@EdwardDowling EdwardDowling marked this pull request as ready for review December 11, 2024 17:34
@github-actions github-actions Bot requested review from hugoShaka and tcsc December 11, 2024 17:34
@github-actions github-actions Bot added audit-log Issues related to Teleports Audit Log size/sm labels Dec 11, 2024
@programmerq
Copy link
Copy Markdown
Contributor

programmerq commented Dec 27, 2024

This change looks good to me, but should probably have the storage backend doc reflect the change: https://github.com/gravitational/teleport/blob/master/docs/pages/reference/backends.mdx#s3-session-recordings

I think we'd only need to add this bullet point underneath the endpoint description.

  • use_s3_path_style - Whether to use path-style instead of virtual-host-style URLs for the bucket. Only applies when a custom endpoint is set. Defaults to true when unset. If used without a custom endpoint set, this option has no effect.

I'm happy to add this doc commit to the branch for this PR if it's helpful.

@EdwardDowling
Copy link
Copy Markdown
Contributor Author

EdwardDowling commented Jan 2, 2025

This change looks good to me, but should probably have the storage backend doc reflect the change: https://github.com/gravitational/teleport/blob/master/docs/pages/reference/backends.mdx#s3-session-recordings

I think we'd only need to add this bullet point underneath the endpoint description.

* `use_s3_path_style` - Whether to use path-style instead of virtual-host-style URLs for the bucket. Only applies when a custom `endpoint` is set. Defaults to `true` when unset. If used without a custom `endpoint` set, this option has no effect.

I'm happy to add this doc commit to the branch for this PR if it's helpful.

Added it in there

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Jan 2, 2025
edited
Loading

Amplify deployment status

Branch Commit Job ID Status Preview Updated (UTC)
edwarddowling/path-style 5c5cd76 6 ✅SUCCEED edwarddowling-path-style 2025-02-10 16:09:47

@EdwardDowling
Copy link
Copy Markdown
Contributor Author

EdwardDowling commented Jan 6, 2025

@hugoShaka @tcsc Can you take a look at this when you get a chance

@hugoShaka
Copy link
Copy Markdown
Contributor

hugoShaka commented Jan 9, 2025

Can we do a real-world test against an s3 backend not supporting path-style adressing and see if we can make teleport work? Or maybe send a dev build to the affected customer?

@milos-teleport milos-teleport added the c-gj Internal Customer Reference label Jan 13, 2025
r0mant
r0mant reviewed Jan 15, 2025
View reviewed changes
Comment thread docs/pages/reference/backends.mdx Outdated
Comment thread lib/events/s3sessions/s3handler.go Outdated
r0mant
r0mant reviewed Jan 16, 2025
View reviewed changes
Copy link
Copy Markdown
Collaborator

@r0mant r0mant left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm after you fix the docs

Comment thread docs/pages/reference/backends.mdx Outdated
Comment thread lib/events/s3sessions/s3handler.go
r0mant
r0mant approved these changes Jan 17, 2025
View reviewed changes
Copy link
Copy Markdown
Collaborator

@r0mant r0mant left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please make sure to retest everything again since we've inverted the flag here and if everything is ok let's ship it.

@public-teleport-github-review-bot public-teleport-github-review-bot Bot removed the request for review from tcsc January 17, 2025 18:23
@EdwardDowling EdwardDowling force-pushed the edwarddowling/path-style branch from 5a4f54a to aabc379 Compare January 20, 2025 16:30
@EdwardDowling EdwardDowling mentioned this pull request Jan 22, 2025
Merged
@EdwardDowling
Copy link
Copy Markdown
Contributor Author

EdwardDowling commented Feb 10, 2025

Confirmation that the dev build worked for the customer here

@EdwardDowling EdwardDowling added this pull request to the merge queue Feb 10, 2025
Merged via the queue into master with commit e8435a5 Feb 10, 2025
@EdwardDowling EdwardDowling deleted the edwarddowling/path-style branch February 10, 2025 17:07
@public-teleport-github-review-bot
Copy link
Copy Markdown

public-teleport-github-review-bot Bot commented Feb 10, 2025

@EdwardDowling See the table below for backport results.

Branch Result
branch/v15 Failed
branch/v17 Create PR

@EdwardDowling EdwardDowling mentioned this pull request Feb 10, 2025
Merged
carloscastrojumo pushed a commit to carloscastrojumo/teleport that referenced this pull request Feb 19, 2025
@EdwardDowling @carloscastrojumo
Add flag to allow s3 virtual style addressing (gravitational#49835)
a463d19
@zmb3 zmb3 mentioned this pull request Aug 20, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@r0mant r0mant r0mant approved these changes

@hugoShaka hugoShaka hugoShaka approved these changes

Assignees

No one assigned

Labels

audit-log Issues related to Teleports Audit Log backport/branch/v17 c-gj Internal Customer Reference size/sm

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@EdwardDowling @programmerq @hugoShaka @r0mant @milos-teleport