Bucket policy support

Hello! Currently, on the docs it says that we can use IAM policy for buckets Authentication & Authorization | Tigris Object Storage Documentation

But when I try to do that it gives me the following error

How can I attach policies to buckets? Or create policies using AWS CLI

Hello @danestves ,

There are two things wrong here

  1. The AWS command should look like this for IAM operations
aws iam --region=auto --endpoint=https://idev-tigris-os.fly.dev:8009/ create-policy --policy-name=policy1 --policy-document file:///Users/jmj/projects/iam_test/policy1.json


  • the IAM server is served at port 8009.
  • policy creation is an IAM api.
  1. There is a bug on our IAM implementation that fails to accept signed request by access key. We will fix the bug and update you here.

If you are trying to do high level read/write permission you can also use our dashboard meanwhile to adjust permissions.

fly storage dashboard

Hi @danestves

The bug is fixed and deployed. You can use it as follows

  1. Create IAM policy
aws iam  --endpoint=https://fly.storage.tigris.dev:8009/ create-policy --policy-name=policy1 --policy-document file:///path/to/policy.json
  1. Attach it to an user
aws iam --endpoint=https://fly.storage.tigris.dev:8009/ attach-user-policy --policy-arn=<arn> --user-name=<access_key_id>
  1. Verify attachment
aws iam --endpoint=https://fly.storage.tigris.dev:8009/ list-user-policies --user-name=<access_key_id>
1 Like

Thank you! Iā€™m using a Laravel project now and will configure tigris with this!

We are aiming to simplify the permission system and offer high level basic roles. I added more docs here https://www.tigrisdata.com/docs/concepts/authnz/#authorization

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.