User Tools

Site Tools


linux:ceph:howtos:using_acl

[HOWTO] Using ACLs

Documentation
Name:[HOWTO] Using ACLs
Description: Howto setup bucket and object ACLs
Modification date : 18/09/2019
Owner:dodger
Notify changes to:Owner
Tags:ceph, object storage
Scalate to:The_fucking_bofh

Official documentation

For Objects

For Buckets

For both

Real life

Object to public+url

Python example:

def set_public(FileName):
    filekey = bucket.get_key(FileName)
    filekey.set_canned_acl('public-read')
    fileUrl = filekey.generate_url(0, query_auth=False, force_http=True)
    print(fileUrl)

This piece of code will make an object public and print the resulting URL, for example: http://clover.ciberterminal.net/monguitest/david_hasselhoff_dog.jpg

Object to private

Python example:

def set_private(FileName):
    filekey = bucket.get_key(FileName)
    filekey.set_canned_acl('private')

This piece of code will make an object private

Signed URL for object download (timestamped)

Python example:

def get_signed_url(FileName):
    filekey = bucket.get_key(FileName)
    fileUrl = filekey.generate_url(3600, query_auth=True, force_http=True)
    print(fileUrl)

This piece will generate a download url for an object (it can be a private object) and print it:

bofher@avmlm-salt-001 ~/scripts/ceph :( $ python s3_wrapper_v2.py --put secret.txt 
secret.txt
bofher@avmlm-salt-001 ~/scripts/ceph $ python s3_wrapper_v2.py --onehourlink secret.txt                                                                                                                          
http://clover.ciberterminal.net/monguitest/secret.txt?Signature=3gaNKewt3tM1DdgyA3ap%2BlneLeU%3D&Expires=1568794738&AWSAccessKeyId=W45IHOZ15VWDTEHHV01C
linux/ceph/howtos/using_acl.txt · Last modified: 2022/02/11 11:36 by 127.0.0.1