sdgoij/rustfs
1
0
Fork 0
mirror of https://github.com/rustfs/rustfs.git synced 2026-03-17 14:24:08 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
8c4735ff884ffb027cccca592d7bd20629ce0f81
rustfs/crates/iam/AGENTS.md

831 B
Raw Blame History

IAM Crate Instructions

Applies to crates/iam/.

Security Boundaries

  • Treat IAM changes as security-sensitive by default.
  • Never log secrets, tokens, private claims, or credential material.
  • Keep deny/allow evaluation behavior consistent with existing tests unless explicitly changing policy semantics.

Contract Stability

  • Preserve compatibility of user/group/policy attachment behavior and token claim handling.
  • When changing IAM interfaces, verify impacted call sites in:
    • rustfs/src/auth.rs
    • rustfs/src/admin/
    • crates/policy/

Error Handling

  • Return explicit errors; do not use panic-driven control flow outside tests.
  • Keep error messages actionable but avoid leaking sensitive context.

Suggested Validation

  • cargo test -p rustfs-iam
  • Full gate before commit: make pre-commit
Reference in New Issue View Git Blame Copy Permalink