Hi team,
i've been struggling for a while now and the end-result was not satisfying. We got a Netapp StorageGrid environment with several tenants. Now i want to give certain users in a group access to only one bucket in a tenant. They should only see this bucket and have only read-access to this bucket. Other users are allowed to see all other buckets and have r/w access. Now, i'm testing with S3 browser but that's not very successfull, when i modify the org read-only group-policy to the following:
{
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:ListAllMyBuckets", <---- When i want to see only "testbucket" do i need to remove this?
"s3:ListBucket",
"s3:ListBucketVersions",
"s3:GetObject",
"s3:GetObjectTagging",
"s3:GetObjectVersion",
"s3:GetObjectVersionTagging"
],
"Resource": "arn:aws:s3:::testbucket/*"
}
]
}
So all users in group read-only should only see testbucket and have read-only rights on it's content. Could it be that it's S3-browser that's incompatible?