>On 02/17/2017 06:25 PM, Vincent Godin wrote: >> I created 2 users : jack & bob inside a tenant_A >> jack created a bucket named BUCKET_A and want to give read access to the >> user bob >> >> with s3cmd, i can grant a user without tenant easylly: s3cmd setacl >> --acl-grant=read:user s3://BUCKET_A >> >> but with an explicit tenant, i tried : >> --acl-grant=read:bob >> --acl-grant=read:tenant_A$bob >> --acl-grant=read:tenant_A\$bob >> --acl-grant=read:"tenant_A:bob" >> >> each time, i got a s3 error : 400 (invalidArgument) >> >> Does someone know the solution ? > >Have you tried using email-address instead of tenant:UID?
I found this solution (but you’re right, it should work with email) : s3cmd setacl s3://BUCKET_A --acl-grant=read:tenant_a\$bob But i had to rename "tenant_A" in "tenant_a" because s3cmd convert all uppercases in lowercases before sending the request (why ???). In case of AWS there is no impact because user are case insensitive but for Radosgw it’s just blocking So tenant and user have to be declared in radosgw in lowercase if you want to use such a product like s3cmd
_______________________________________________ ceph-users mailing list [email protected] http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
