Hi Pritha: I was unable to attach the permission policy through S3curl, which returned an HTTP 403 error.
./s3curl.pl --id admin -- -s -v -X POST "http://192.168.199.81:7480/?Action=PutUserPolicy&PolicyName=Policy1&UserName=TESTER&PolicyDocument=\{\"Version\":\"2012-10-17\",\"Statement\":\[\{\"Effect\":\"Deny\",\"Action\":\"s3:*\",\"Resource\":\[\"*\"\],\"Condition\":\{\"BoolIfExists\":\{\"sts:authentication\":\"false\"\}\}\},\{\"Effect\":\"Allow\",\"Action\":\"sts:GetSessionToken\",\"Resource\":\"*\",\"Condition\":\{\"BoolIfExists\":\{\"sts:authentication\":\"false\"\}\}\}\]\}&Version=2010-05-08"; Request: > POST > /?Action=PutUserPolicy&PolicyName=Policy1&UserName=TESTER&PolicyDocument={"Version":"2012-10-17","Statement":[{"Effect":"Deny","Action":"s3:*","Resource":["*"],"Condition":{"BoolIfExists":{"sts:authentication":"false"}}},{"Effect":"Allow","Action":"sts:GetSessionToken","Resource":"*","Condition":{"BoolIfExists":{"sts:authentication":"false"}}}]}&Version=2010-05-08 > HTTP/1.1 > User-Agent: curl/7.29.0 > Host: 192.168.199.81:7480 > Accept: */* > Date: Tue, 12 Mar 2019 01:39:55 GMT > Authorization: AWS HTRJ1HIKR4FB9A24ZG9C:FTMBoc7+sJf0K+cx+nYD7Sdj2Xg= Response: < HTTP/1.1 403 Forbidden < Content-Length: 187 < x-amz-request-id: tx000000000000000000144-005c870deb-4a92d-default < Accept-Ranges: bytes < Content-Type: application/xml < Date: Tue, 12 Mar 2019 01:39:55 GMT < * Connection #0 to host 192.168.199.81 left intact <?xml version="1.0" encoding="UTF-8"?><Error><Code>AccessDenied</Code><RequestId>tx000000000000000000144-005c870deb-4a92d-default</RequestId><HostId>4a92d-default-default</HostId></Error> .s3curl %awsSecretAccessKeys = ( admin => { id => 'HTRJ1HIKR4FB9A24ZG9C', key => 'Dfk7t5u4jvdyFMlEf8t4MTdBLEqVlru7tag1g8PE', }, ); Can you tell me what went wrong? Thanks, myxingkong
_______________________________________________ ceph-users mailing list ceph-users@lists.ceph.com http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
