
NetApp StorageGRID policies

Sander

Hi team,

I've been struggling for a while now and the end result was not satisfying. We have a NetApp StorageGRID environment with several tenants. Now I want to give certain users in a group access to only one bucket in a tenant. They should only see this bucket and have only read access to this bucket. Other users are allowed to see all other buckets and have r/w access. Now, I'm testing with S3 Browser, but that's not very successful when I modify the org read-only group policy to the following:

 

{
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "s3:ListAllMyBuckets",  <---- When I want to see only "testbucket" do I need to remove this?
        "s3:ListBucket",
        "s3:ListBucketVersions",
        "s3:GetObject",
        "s3:GetObjectTagging",
        "s3:GetObjectVersion",
        "s3:GetObjectVersionTagging"
      ],
      "Resource": "arn:aws:s3:::testbucket/*"
    }
  ]
}

 

So all users in the read-only group should only see testbucket and have read-only rights on its content. Could it be that it's S3 Browser that's incompatible?

 

 

 


Anumode

Please refer to the StorageGRID documentation 

Policy examples

Use the examples in this section to build StorageGRID Webscale access policies for buckets and groups.

 

https://docs.netapp.com/sgws-110/index.jsp?topic=%2Fcom.netapp.doc.sg-s3%2FGUID-611AA26F-E29F-4944-BC8C-DADDF5385542.html
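Added example, not part of the thread and not NetApp's code: a small checker that reports which Allow actions in a group policy can never match the statement's Resource, run over the policy from the question and over a constructed two-statement alternative. The action-to-level table assumes S3 policy semantics (bucket actions are checked against the bucket ARN, object actions against object ARNs, ListAllMyBuckets against no single bucket); the function names and the SPLIT policy are hypothetical.

```python
import re

PREFIX = "arn:aws:s3:::"
# Assumption: the resource level each action is checked against (S3 policy semantics).
LEVEL = {
    "s3:ListAllMyBuckets": "service",
    "s3:ListBucket": "bucket", "s3:ListBucketVersions": "bucket",
    "s3:GetObject": "object", "s3:GetObjectTagging": "object",
    "s3:GetObjectVersion": "object", "s3:GetObjectVersionTagging": "object",
}

def arn_match(pattern, arn):
    """Policy-style wildcard match: '*' is any run of characters, '?' is one."""
    rx = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
    return re.fullmatch(rx, arn) is not None

def as_list(value):
    return value if isinstance(value, list) else [value]

def unmatched_actions(policy, bucket, key="dir/file.txt"):
    """Return (action, level) pairs for Allow actions no Resource pattern can match."""
    # Constructed probe ARNs: what a request at each level would be checked against.
    probe = {"service": PREFIX, "bucket": PREFIX + bucket,
             "object": f"{PREFIX}{bucket}/{key}"}
    found = []
    for st in policy["Statement"]:
        if st.get("Effect") != "Allow":
            continue
        for action in as_list(st["Action"]):
            level = LEVEL.get(action)
            if level and not any(arn_match(r, probe[level])
                                 for r in as_list(st["Resource"])):
                found.append((action, level))
    return found

READ = ["s3:GetObject", "s3:GetObjectTagging",
        "s3:GetObjectVersion", "s3:GetObjectVersionTagging"]
# The policy from the question, without the inline annotation.
POSTED = {"Statement": [{"Effect": "Allow",
    "Action": ["s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketVersions"] + READ,
    "Resource": "arn:aws:s3:::testbucket/*"}]}
# Constructed alternative: bucket-level and object-level actions in separate statements.
SPLIT = {"Statement": [
    {"Effect": "Allow", "Action": ["s3:ListBucket", "s3:ListBucketVersions"],
     "Resource": "arn:aws:s3:::testbucket"},
    {"Effect": "Allow", "Action": READ, "Resource": "arn:aws:s3:::testbucket/*"}]}

if __name__ == "__main__":
    for name, pol in (("posted", POSTED), ("split", SPLIT)):
        print(name, unmatched_actions(pol, "testbucket"))
```

SPLIT leaves out s3:ListAllMyBuckets on the assumption that listing a tenant's buckets is all-or-nothing, so a client would be pointed at testbucket by name rather than discovering it.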
