Bucket policy support

Questions / Help
,
1

Hello! Currently, on the docs it says that we can use IAM policy for buckets Authentication & Authorization | Tigris Object Storage Documentation

But when I try to do that it gives me the following error

1024Ɨ167 17.2 KB

How can I attach policies to buckets? Or create policies using AWS CLI

2

Hello @danestves ,

There are two things wrong here

  1. The AWS command should look like this for IAM operations
aws iam --region=auto --endpoint=https://idev-tigris-os.fly.dev:8009/ create-policy --policy-name=policy1 --policy-document file:///Users/jmj/projects/iam_test/policy1.json

note:

  • the IAM server is served at port 8009.
  • policy creation is an IAM api.
  1. There is a bug on our IAM implementation that fails to accept signed request by access key. We will fix the bug and update you here.

If you are trying to do high level read/write permission you can also use our dashboard meanwhile to adjust permissions.

fly storage dashboard

3

Hi @danestves

The bug is fixed and deployed. You can use it as follows

  1. Create IAM policy
aws iam  --endpoint=https://fly.storage.tigris.dev:8009/ create-policy --policy-name=policy1 --policy-document file:///path/to/policy.json
  1. Attach it to an user
aws iam --endpoint=https://fly.storage.tigris.dev:8009/ attach-user-policy --policy-arn=<arn> --user-name=<access_key_id>
  1. Verify attachment
aws iam --endpoint=https://fly.storage.tigris.dev:8009/ list-user-policies --user-name=<access_key_id>
1 Like
4

Thank you! Iā€™m using a Laravel project now and will configure tigris with this!

5

We are aiming to simplify the permission system and offer high level basic roles. I added more docs here https://www.tigrisdata.com/docs/concepts/authnz/#authorization

6

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.