Ask The Experts

Netapp StorageGrid policies

Sander

Hi team,

 

i've been struggling for a while now and the end-result was not satisfying. We got a Netapp StorageGrid environment with several tenants. Now i want to give certain users in a group access to only one bucket in a tenant. They should only see this bucket and have only read-access to this bucket. Other users are allowed to see all other buckets and have r/w access. Now, i'm testing with S3 browser but that's not very successfull, when i modify the org read-only group-policy to the following:

 

{
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:ListAllMyBuckets",  <---- When i want to see only "testbucket" do i need to remove this?
"s3:ListBucket",
"s3:ListBucketVersions",
"s3:GetObject",
"s3:GetObjectTagging",
"s3:GetObjectVersion",
"s3:GetObjectVersionTagging"
],
"Resource": "arn:aws:s3:::testbucket/*"
}
]
}

 

So all users in group read-only should only see testbucket and have read-only rights on it's content. Could it be that it's S3-browser that's incompatible?

 

 

 

1 REPLY 1

Re: Netapp StorageGrid policies

Anumode

Please refer to the StorageGRID documentation 

Policy examples

Use the examples in this section to build StorageGRID Webscale access policies for buckets and groups

 

https://docs.netapp.com/sgws-110/index.jsp?topic=%2Fcom.netapp.doc.sg-s3%2FGUID-611AA26F-E29F-4944-BC8C-DADDF5385542.html

Earn Rewards for Your Review!
GPI Review Banner
All Community Forums
Public