User Tools

Site Tools


linux:ceph:public_bucket_knowledge

[CEPH] Public bucket basic knowledge

Documentation
Name: [CEPH] Public bucket basic knowledge
Description: Basic information about publishing a bucket to the internet
Modification date : 03/02/2020
Owner:dodger
Notify changes to:Owner
Tags:ceph, object storage
Scalate to:The_fucking_bofh

Pre-Requirements

  • Know what are the HTTP verbs
  • Know the name of our ceph

What you should know

Our ceph/s3 object storage can be publicly accessed but is very restricted, the more restricted the higher security.

So what is open?

  • HTTP verb GET
  • Any bucket that has been requested to be open to the internet (you still must give explicit access to the objects)



What is NOT open:

  • All the rest HTTP verbs (PUT/HEAD/DELETE/POST…)
  • All the rest of buckets that are not explicitly requested to be opened.
  • All the objects in a published bucket not explicitly published as public/timed/hashed.


What you'll be able to do from internet

Just 1 thing:

curl http://larry.ciberterminal.net/monguitest/status.txt

That is:

  • you should know the name of the file that you want to access.
  • the file must be public or have any ACL setup that allow access to it without authentication (public, timed public, hash key based acces…)


What we desire that you do with the objects

Access explained Graphically

From Internet

From ciberterminal

Remember

  • Only GET is available you won't be able to:
    • bucket.list as it uses HTTP/HEAD.
    • bucket.delete as it uses HTTP/DELETE.
    • Any other operation :-)
  • You'll still have to manage the object ACL so anyone can access it, by default all the objects inside the bucket are private.
linux/ceph/public_bucket_knowledge.txt · Last modified: 2022/02/11 11:36 (external edit)