summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--PendingReleaseNotes11
1 files changed, 11 insertions, 0 deletions
diff --git a/PendingReleaseNotes b/PendingReleaseNotes
index 9e677217e90..b4824a65584 100644
--- a/PendingReleaseNotes
+++ b/PendingReleaseNotes
@@ -1,5 +1,16 @@
>=20.0.0
+* RGW: The User Account feature introduced in Squid provides first-class support for
+ IAM APIs and policy. Our preliminary STS support was instead based on tenants, and
+ exposed some IAM APIs to admins only. This tenant-level IAM functionality is now
+ deprecated in favor of accounts. While we'll continue to support the tenant feature
+ itself for namespace isolation, the following features will be removed no sooner
+ than the V release:
+ * tenant-level IAM APIs like CreateRole, PutRolePolicy and PutUserPolicy,
+ * use of tenant names instead of accounts in IAM policy documents,
+ * interpretation of IAM policy without cross-account policy evaluation,
+ * S3 API support for cross-tenant names such as `Bucket='tenant:bucketname'`
+
* RBD: All Python APIs that produce timestamps now return "aware" `datetime`
objects instead of "naive" ones (i.e. those including time zone information
instead of those not including it). All timestamps remain to be in UTC but
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-18 10:12:26 +0100