Gateway Access Control Policies
The Content Gateway provides a rich access control mechanism that allows for coarse to fine-grained control over user access to content within a storage domain and administrative actions within the management API. Access control is defined within Policy documents that may specify permissions on specific objects when necessary. Access control Policy documents are stored in the following locations:
Root Policy file
Tenant Policy sub-resource
Storage domain Policy sub-resource
Bucket Policy sub-resource
The root Policy document is stored in a JSON file:
/etc/caringo/cloudgateway/policy.json
This file must be kept synchronized between all Gateway servers. Changes to the local file take effect without the need to restart the Gateway. The policy sub-resource for tenants, storage domains, and buckets is kept within the cluster, is shared among all Gateway servers, and is accessed through the management API or storage API.
Note
The root Policy configuration file must exist and must contain a valid JSON string or be blank. The minimum valid JSON content is "{}".
© DataCore Software Corporation. · https://www.datacore.com · All rights reserved.