Hello Sinan,

You could create a “master” account that will create all the buckets and “sub” 
accounts that will have max_bucket set to 0 and using the master account create 
a bucket policies that will allow the sub accounts to interact with the buckets.

One downside to this solution is that the sub accounts will not see the buckets 
in their ListBuckets call as they are not the bucket owners, however when 
connecting directly to the bucket they can work with them as configured in the 
bucket policy.

Ondrej

> On 17. 4. 2024, at 14:45, si...@turka.nl wrote:
> 
> Hello,
> 
> I am using Ceph RGW for S3. Is it possible to create (sub)users that cannot 
> create/delete buckets and are limited to specific buckets?
> 
> At the end, I want to create 3 separate users and for each user I want to 
> create a bucket. The users should only have access to their own bucket and 
> should not be able to create new or delete buckets.
> 
> One approach could be to limit the max_buckets to 1 so the user cannot create 
> new buckets, but it will still have access to other buckets and will able to 
> delete buckets.
> 
> Any advice here? Thanks!
> 
> Sinan
> _______________________________________________
> ceph-users mailing list -- ceph-users@ceph.io
> To unsubscribe send an email to ceph-users-le...@ceph.io
_______________________________________________
ceph-users mailing list -- ceph-users@ceph.io
To unsubscribe send an email to ceph-users-le...@ceph.io

Reply via email to