linux:ceph:howtos:using_acl
Table of Contents
[HOWTO] Using ACLs
| Documentation | |
|---|---|
| Name: | [HOWTO] Using ACLs |
| Description: | Howto setup bucket and object ACLs |
| Modification date : | 18/09/2019 |
| Owner: | dodger |
| Notify changes to: | Owner |
| Tags: | ceph, object storage |
| Scalate to: | Thefuckingbofh |
Official documentation
For Objects
For Buckets
For both
Real life
Object to public+url
Python example:
def set_public(FileName): filekey = bucket.get_key(FileName) filekey.set_canned_acl('public-read') fileUrl = filekey.generate_url(0, query_auth=False, force_http=True) print(fileUrl)
This piece of code will make an object public and print the resulting URL, for example: http://clover.ciberterminal.net/monguitest/david_hasselhoff_dog.jpg
Object to private
Python example:
def set_private(FileName): filekey = bucket.get_key(FileName) filekey.set_canned_acl('private')
This piece of code will make an object private
Signed URL for object download (timestamped)
Python example:
def get_signed_url(FileName): filekey = bucket.get_key(FileName) fileUrl = filekey.generate_url(3600, query_auth=True, force_http=True) print(fileUrl)
This piece will generate a download url for an object (it can be a private object) and print it:
bofher@avmlm-salt-001 ~/scripts/ceph :( $ python s3_wrapper_v2.py --put secret.txt secret.txt bofher@avmlm-salt-001 ~/scripts/ceph $ python s3_wrapper_v2.py --onehourlink secret.txt http://clover.ciberterminal.net/monguitest/secret.txt?Signature=3gaNKewt3tM1DdgyA3ap%2BlneLeU%3D&Expires=1568794738&AWSAccessKeyId=W45IHOZ15VWDTEHHV01C
linux/ceph/howtos/using_acl.txt · Last modified: 2022/02/11 11:36 by 127.0.0.1