February 02, 2014, 01:27:00 PM *
Welcome, Guest. Please login or register.

Login with username, password and session length
   Home   Help Search Login Register  
Pages: [1]
Author Topic: Ability to call s3sync with more permission/access control options  (Read 3253 times)
Posts: 1

View Profile
« on: September 18, 2007, 01:36:18 AM »

I would like the ability to call s3sync with more permission/access control options, in addition to the existing --public-read option.

I know that AWS supports 5 different levels, READ, WRITE, READ_ACP, WRITE_ACP and FULL_CONTROL.

Here is my situation:
I have a private bucket owned by me (aka "foo").  I have granted another user (aka "bar") read/write permission to this bucket.  All this can be done by a number of tools (specifically used S3 Firefox Organizer).  This setup allows either "foo" or "bar" to write files to bucket, and delete files from the bucket when using the --delete option.  The problem arises when "foo" tries to read "bar"'s uploaded data, or the opposite, permission is denied.

I would like a way for every file uploaded by "foo" to grant "bar" read access, and vise versa.

I have read a bit into the developer docs and it looks like this would use a non-canned ACL and therefore would require a second separate REST API call for each object that is uploaded.  This would be similar to what is shown here http://docs.amazonwebservices.com/AmazonS3/2006-03-01/RESTAccessPolicy.html, only using the first example from here http://docs.amazonwebservices.com/AmazonS3/2006-03-01/UsingGrantees.html to specify the email address.  Maybe the information used to construct the ACL could be contained in the YAML config file?
Pages: [1]
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2013, Simple Machines Valid XHTML 1.0! Valid CSS!