Ask The Experts

Netapp StorageGrid policies

Sander

Hi team,

 

i've been struggling for a while now and the end-result was not satisfying. We got a Netapp StorageGrid environment with several tenants. Now i want to give certain users in a group access to only one bucket in a tenant. They should only see this bucket and have only read-access to this bucket. Other users are allowed to see all other buckets and have r/w access. Now, i'm testing with S3 browser but that's not very successfull, when i modify the org read-only group-policy to the following:

 

{
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:ListAllMyBuckets",  <---- When i want to see only "testbucket" do i need to remove this?
"s3:ListBucket",
"s3:ListBucketVersions",
"s3:GetObject",
"s3:GetObjectTagging",
"s3:GetObjectVersion",
"s3:GetObjectVersionTagging"
],
"Resource": "arn:aws:s3:::testbucket/*"
}
]
}

 

So all users in group read-only should only see testbucket and have read-only rights on it's content. Could it be that it's S3-browser that's incompatible?

 

 

 

1 REPLY 1

Anumode

Please refer to the StorageGRID documentation 

Policy examples

Use the examples in this section to build StorageGRID Webscale access policies for buckets and groups

 

https://docs.netapp.com/sgws-110/index.jsp?topic=%2Fcom.netapp.doc.sg-s3%2FGUID-611AA26F-E29F-4944-BC8C-DADDF5385542.html

Announcements
NetApp on Discord Image

We're on Discord, are you?

Live Chat, Watch Parties, and More!

Explore Banner

Meet Explore, NetApp’s digital sales platform

Engage digitally throughout the sales process, from product discovery to configuration, and handle all your post-purchase needs.

NetApp Insights to Action
I2A Banner
Public