Hi,
we have a Cloudian Hyperstore for our VB365 repositories.
Are the permissions from the helpcenter article (old kb4046) the least required permissions and are they applicable for S3-compatible, too?
So we need ListAllMyBuckets for „*“ and the rest for the buckets i want to use, right?
They are buckets without object lock, because they are migration destinations for local JET-based repositories.
Sorry. I am a little bit confused and S3 is quite new to me.
Tia
Karsten
-
karsten123
- Service Provider
- Posts: 572
- Liked: 140 times
- Joined: Apr 03, 2019 6:53 am
- Full Name: Karsten Meja
- Contact:
-
Polina
- Veeam Software
- Posts: 3461
- Liked: 830 times
- Joined: Oct 21, 2011 11:22 am
- Full Name: Polina Vasileva
- Contact:
Re: S3 IAM policy
Hi Karsten,
Some of the permissions listed for Amazon S3 should be relevant for Cloudian as well, but not all of them. For instance, bucket- and object-level permissions should be similar, including ListAllMyBuckets.
Each S3 compatible storage system typically has its own access control mechanisms, including permissions and bucket policies.
Some of the permissions listed for Amazon S3 should be relevant for Cloudian as well, but not all of them. For instance, bucket- and object-level permissions should be similar, including ListAllMyBuckets.
Each S3 compatible storage system typically has its own access control mechanisms, including permissions and bucket policies.
-
karsten123
- Service Provider
- Posts: 572
- Liked: 140 times
- Joined: Apr 03, 2019 6:53 am
- Full Name: Karsten Meja
- Contact:
Re: S3 IAM policy
Hi Polina,
thank you for your answer.
First of all, only S3 permissions as part of the IAM policy are used. No other acl mechanisms specific to Cloudian are used in this case.
So I was including the repository, bucket and object permissions according to the documentation.
Are we good to go with it? My tests with backups anf restores were successful.
Should I contact Cloudian for specific details about IAM policies?
Thank you in advance and sorry for my noob questions
Karsten
thank you for your answer.
First of all, only S3 permissions as part of the IAM policy are used. No other acl mechanisms specific to Cloudian are used in this case.
So I was including the repository, bucket and object permissions according to the documentation.
Are we good to go with it? My tests with backups anf restores were successful.
Should I contact Cloudian for specific details about IAM policies?
Thank you in advance and sorry for my noob questions
Karsten
Who is online
Users browsing this forum: No registered users and 102 guests