Here are steps to reproduce the issue:
- Create 2 AWS s3 buckets using two different users in the same tenant
- We notice user1 can view, upload, delete files from s3 storage bucket created by user2
- Ideally each user should be able to see only his own bucket.
- How should we make sure each user can only view, upload, delete files to his own s3 storage bucket, not to others users s3 bucket with-in the same tenant.
We do have User level permisions for Storage.
Users with Read in a tenant can see all Storage (create by any user in the tenant), Full can add / delete /update existing storage.
Storage browser set to read, would give permissions to view content of the storage but cannot add or delete it.
Storage browser set to full, would give permissions to do CRUD on content of the storage.
This would be a good feature suggestion. I will move this to ideas.
Thanks Anish for your comment, but requirement is slightly different. It will be helpful if Morpheus would support this as we have existing Morpheus customer who would need this.
This is not a feature in Morpheus at the moment related to strorage permissions and visibility at the user level in same tenant. This would be a good feature suggestion.