-
Notifications
You must be signed in to change notification settings - Fork 102
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
create two namespacestore on same target-bucket with different access-mode #1166
Comments
Trying to think what is the use case here, That would mean that I might want to create NSS1 with W/R and NSS2 (pointing to the same bucket) with R only if I want to create 2 NS buckets, set buck1 on NSS1 and buck2 on NSS2. In that case, I achieve the same outcome by setting We don't have an option of not setting a w target for NS buckets, so that would seem the gap here? Am I missing the intent? |
The gap here is, we don't have way to define access properly. Due to compliance, our underlying storage is S3-compatible, we are very hard to take access control on top of this storage level directly. So we are seeking for a gateway solution. Our intent is: e.g: tech-user-1 RO Bucket-1 , RO Bucket-2, RO Bucket-3 we are able to achieve before [e03f0ca](commit: e03f0ca ) as state here #1168 Now I dont have anyway to achieve my intend. |
I believe this is the source of the error I think we should revisit this restriction. we should at least take the |
Environment info
Actual behavior
noobaa namespacestore create s3-compatible rw-ns-test --access-mode='read-write' --endpoint='https://objectstore-3.eu-de-2.cloud.sap' --secret-name='s3-secret' --signature-version='v4' --target-bucket='lis.devops.coll-1'
This can be created.
Then I want another namespacestore for readOnly thus
noobaa namespacestore create s3-compatible ro-ns-test --access-mode='read-only' --endpoint='https://objectstore-3.eu-de-2.cloud.sap' --secret-name='s3-secret' --signature-version='v4' --target-bucket='lis.devops.coll-1'
But I am getting
Why this is forbidden? One namespacestore for writing, the other one for reading, i don't see any potential concurrent issue here.
The text was updated successfully, but these errors were encountered: