Read-only Containers

In the following steps, a user named UserA is the owner of container TestStorage in project ProjX, while UserB is the new user which will only have read-only access to the same container.

Step-by-step guide


  1. Create the new UserB API user in https://admin.citycloud.com/users/openstack and download its RC-file by pressing on the meatball-icon on the right of your user.

    If you would like to make sure that UserB has no other access to Openstack, create a new project and create the user in this new project.

  2. In a terminal window, where you have access to the Openstack CLI, source the RC-file as follows:

    $ source openstack-rc-for-UserB
  3. Create EC2 credentials for UserB.

    $ openstack ec2 credentials create --user UserB
  4. Take note of the Access Key and Secret Key.

  5. Now, download the RC-file from https://admin.citycloud.com/users/openstack for UserA - the user that owns the container  and source it:

    $ source openstack-rc-for-UserA
  6. Modify the TestStorage container's Access Control List (ACL) by making it publicly readable and also listable:

    $ openstack container set --property read_acl=".r:*,.rlistings" TestStorage
  7. The container and its contents are now read-only accessible for anyone that has access to the container! Verify this information by running the following command:

    $ openstack container show TestStorage