Ask Your Question

Revision history [back]

How to authorize keystone users to access their swift objects

Hello, I would like to create a scenario that allows a set of Keystone users (U1,U2,U3), members of the role R1, to access only their own associated objects (O1,O2,O3) in a Swift container C1.

By what i understood, I cannot restrict access to API actions ("save" to dowload/"set" to update) in the keystone policy.json file as a rule "something:save":"role:R1 and user_id:..". Is there a way to do so? how would you implement this scenario?

Thanks for every hint and reply, Umberto