Managing Permissions

Understanding Permissions

VPSA Object Storage provides 2 levels of permissions: Account and Container.

Both permissions types are enforced on account members only, account admins always have all permissions.

Account-level permissions enforce Read (listing) and Write (creating/deleting) option for containers under an account.

Container-level permissions enforce Read (list/download) and Write (upload/delete) options for objects under a container.

Default Permissions:

An account is created with default account-level permissions that allow all account members to list/create/delete containers in the account.

After an account is created, account-level permissions can be set by a VPSA Object Storage Admin or an Account Admin.

After a container is created, container-level permissions can be set by a VPSA Object Storage Admin or an Account Admin.

Setting Account Permissions (Account Admin)

Account-level permissions are set in the Account view Details pane, and can be set globally for all users in an account or per-user.

image10

  • For global account permissions, check the desired permissions for All Members in the details pane at the bottom of the Accounts view and then click Save.

  • For per-user account permissions, click Add in the toolbar on top of the Details pane. In the Set Permissions dialogue which opens, individually select the desired permissions per user and then click Save.

Note

  • When setting permission per-user, existing global permission settings are removed.

  • When setting global permissions, existing per-user permissions are removed.

Setting Container Permissions (Account Admin)

Container-level permissions are set in the Console view Details pane, and can be set globally for all users in an account or per-user.

image11

  • For global container permissions, select the desired container in the Container pane at the top of the Console view. Then select the desired permissions in the Details pane in the All Users row or All Authenticated Members row and click Save.

  • For per-user container permissions, click Add in the toolbar on top of the Details pane. In the Set Permissions dialogue which opens, individually select the desired permissions per user and then click Save.

Note

  • When setting permission per-user, existing global permission settings are removed.

  • When setting global permissions, existing per-user permissions are removed.

Note

By making a container public (Make Public/Private button) any user can list this container’s objects (using “referral” API) even without permissions for this container.