On 3/16/20 3:11 PM, Arpit Agarwal wrote:
Thanks for writing this up Marton. I updated the doc to add a fourth problem:
> Ozone buckets created via the native object store interface are not
visible via the S3 gateway.
I don’t understand option 1. Does it mean that we will have at least one volume per user?
No, you can use the same value:
kinit user1 -kt ....
ACCESS_KEY_ID=$(ozone s3 create-secret --volume=vol1)
s3 create-bucket ....
kinit user2 -kt ....
ACCESS_KEY_ID=$(ozone s3 create-secret --volume=vol1)
s3 create-bucket ....
Also the access key is separate per user - so how do I grant another user
access to my volumes?
See the previous example. If you have permission to the volume you can
create an ACCESS_KEY_ID to get an s3 view of the volume.
I like option 2. The notion of volumes already doesn’t work in the S3 world. We
also need to fix enumeration of volumes by users, this is not an S3 issue.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
