Re: How to configure s3 bucket acl so that one user's bucket is visible to another.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

You can create subuser keys to allow other users to have access to a bucket. You have to juggle keys, but it works pretty well.

On Sun, Apr 29, 2018, 4:00 AM Yehuda Sadeh-Weinraub <yehuda@xxxxxxxxxx> wrote:
You can't. A user can only list the buckets that it owns, it cannot
list other users' buckets.

Yehuda

On Sat, Apr 28, 2018 at 11:10 AM, Безруков Илья Алексеевич
<bezrukov@xxxxxxxxx> wrote:
> Hello,
>
> How to configure s3 bucket acl so that one user's bucket is visible to
> another.
>
>
> I can create a bucket, objects in it and give another user access to it.
> But another user does not see this bucket in the list of available buckets.
>
>
> ## User1
>
> ```
> s3cmd -c s3cfg_user1 ls s3://
>
> 2018-04-28 07:50  s3://example1
>
> #set ACL
> s3cmd -c s3cfg_user1 setacl --acl-grant=all:user2 s3://example1
> s3://example1/: ACL updated
>
> # Check
> s3cmd -c s3cfg_user1 info s3://example1
> s3://example1/ (bucket):
>    Location:  us-east-1
>    Payer:     BucketOwner
>    Expiration Rule: none
>    Policy:    none
>    CORS:      none
>    ACL:       User1: FULL_CONTROL
>    ACL:       User2: FULL_CONTROL
>
> # Put some data
> s3cmd -c s3cfg_user1 put /tmp/dmesg s3://example1
> upload: '/tmp/dmesg' -> 's3://example1/dmesg'  [1 of 1]
>  5305 of 5305   100% in    0s    27.28 kB/s  done
>
> #set ACL
> s3cmd -c s3cfg_user1 setacl --acl-grant=all:bondarenko s3://example1/dmesg
> s3://example1/dmesg: ACL updated
>
> ```
>
> ## User2
> ```
> s3cmd -c ~/.s3cfg_user2 ls s3://
> 2018-04-27 14:23  s3://only_itself_dir
>
> # Check info
> s3cmd -c ~/.s3cfg_user2 info s3://example1
> ERROR: Access to bucket 'example1' was denied
> ERROR: S3 error: 403 (AccessDenied)
>
> # ls bucket
> s3cmd -c ~/.s3cfg_user2 ls s3://example1
> 2018-04-28 07:58      5305   s3://example1/dmesg
>
> #Get info
> s3cmd -c ~/.s3cfg_user2 info s3://example1/dmesg
> s3://example1/dmesg (object):
>    File size: 5305
>    Last mod:  Sat, 28 Apr 2018 07:58:03 GMT
>    MIME type: text/plain
>    Storage:   STANDARD
>    MD5 sum:   47ddc4780956cb55abe27e851aa02cfa
>    SSE:       none
>    Policy:    none
> ERROR: Access to bucket 'example1' was denied
> ERROR: S3 error: 403 (AccessDenied)
>
> #Get object
> s3cmd -c ~/.s3cfg_user2 get s3://example1/dmesg /tmp/test
> download: 's3://example1/dmesg' -> '/tmp/test'  [1 of 1]
>  5305 of 5305   100% in    0s   160.54 kB/s  done
>
> #Put some oject to bucket
> s3cmd -c ~/.s3cfg_user2 put /tmp/dmesg2 s3://example1/dmesg2
> upload: '/tmp/dmesg2' -> 's3://example1/dmesg2'  [1 of 1]
>  38136 of 38136   100% in    0s   455.18 kB/s  done
> ```
>
> Best regards,
>
> Ilya
>
>
> _______________________________________________
> ceph-users mailing list
> ceph-users@xxxxxxxxxxxxxx
> http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
>
_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
[Index of Archives]     [Information on CEPH]     [Linux Filesystem Development]     [Ceph Development]     [Ceph Large]     [Ceph Dev]     [Linux USB Development]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [xfs]

  Powered by Linux