使用 s3cmd 为 cephfs rgw 设置 policy
cephfs rgw 模式完全兼容 aws 的 s3v4 协议。
因此对 cephfs rgw 的日常管理, 可以使用 s3cmd 命令操作。
策略
配置策略
1
2
3
4
5
6
7
8
9
10
| # cat public-read-policy.json
{
"Version": "2012-10-17",
"Statement": [{
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "*"
}]
}
|
设置策略
1
| $ s3cmd setpolicy public-read-policy.json s3://example-bucket
|
查看
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
| $ s3cmd info s3://example-bucket
s3://example-bucket/ (bucket):
Location: default
Payer: BucketOwner
Expiration Rule: none
policy: {
"Version": "2012-10-17",
"Statement": [{
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "*"
}]
}
cors: none
ACL: AdminUser: FULL_CONTROL
|
删除策略
$ s3cmd delpolicy s3://example-bucket
s3://example-bucket/: Policy deleted
