When I tried as below also, similar error is coming:
[root@vishwas-test cluster]# s3cmd --access_key=GY40PHWVK40A2G4XQH2D
--secret_key=bKq36rs5t1nZEL3MedAtDY3JCfBoOs1DEou0xfOk ls
s3://tenant2/jerry-bucket
ERROR: Bucket 'tenant2' does not exist
ERROR: S3 error: 404 (NoSuchBucket)
[root@vishwas-test cluster]# s3cmd --access_key=GY40PHWVK40A2G4XQH2D
--secret_key=bKq36rs5t1nZEL3MedAtDY3JCfBoOs1DEou0xfOk ls
s3://tenant2:jerry-bucket
ERROR: S3 error: 403 (SignatureDoesNotMatch)
*Thanks & Regards,*
*Vishwas *
On Thu, May 14, 2020 at 1:54 PM Vishwas Bm <bmvishwas@xxxxxxxxx> wrote:
> Hi Pritha,
>
> Thanks for the reply. Please find the user list, bucket list and also the
> command which I have used.
>
> [root@vishwas-test cluster]# radosgw-admin user list
> [
> "tenant2$Jerry",
> "tenant1$Tom"
> ]
>
> [root@vishwas-test cluster]# radosgw-admin bucket list
> [
> "tenant2/jerry-bucket"
> ]
>
> [root@vishwas-test cluster]# s3cmd info --access_key=HVTKORMH8LLDF76TKQGI
> --secret_key=9XFcvgMm4yBncA8D9SguEMVSBsUkhuuRLSbyuUPp s3://jerry-bucket
> s3://jerry-bucket/ (bucket):
> Location: default
> Payer: BucketOwner
> Expiration Rule: none
> Policy: {
> "Version": "2012-10-17",
> "Statement": [
> {
> "Principal": {"AWS": ["arn:aws:iam::tenant1:user/Tom"]},
> "Action": ["s3:ListBucket"],
> "Effect": "Allow",
> "Resource": "s3://tenant2/jerry-bucket"
> }
> ]
> }
> CORS: none
> ACL: Jerry: FULL_CONTROL
>
>
> When I try to list using Tom access keys, I get below error:
> [root@vishwas-test cluster]# s3cmd --access_key=GY40PHWVK40A2G4XQH2D
> --secret_key=bKq36rs5t1nZEL3MedAtDY3JCfBoOs1DEou0xfOk ls s3://jerry-bucket
>
> *ERROR: Bucket 'jerry-bucket' does not existERROR: S3 error: 404
> (NoSuchBucket)*
>
>
> *Thanks & Regards,*
>
> *Vishwas *
>
>
> On Thu, May 14, 2020 at 11:54 AM Pritha Srivastava <prsrivas@xxxxxxxxxx>
> wrote:
>
>> Hi Vishwas,
>>
>> Bucket policy should let you access buckets in another tenant.
>> What exact command are you using?
>>
>> Thanks,
>> Pritha
>>
>> On Thursday, May 14, 2020, Vishwas Bm <bmvishwas@xxxxxxxxx> wrote:
>>
>>> > Hi,
>>> >
>>> > I have two users both belong to different tenant.
>>> >
>>> > Can I give permission for the user in another tenant to access the
>>> bucket
>>> > using setacl or setPolicy command ?
>>> > I tried the setacl command and setpolicy command, but it was not
>>> working ?
>>> > It used to say bucket not found, when the grantee tried to access.
>>> >
>>> > Is this supported ?
>>> >
>>> > *Thanks & Regards,*
>>> > *Vishwas *
>>> >
>>>
>>> >
>>> _______________________________________________
>>> ceph-users mailing list -- ceph-users@xxxxxxx
>>> To unsubscribe send an email to ceph-users-leave@xxxxxxx
>>>
>>>
_______________________________________________
ceph-users mailing list -- ceph-users@xxxxxxx
To unsubscribe send an email to ceph-users-leave@xxxxxxx
