Explains the access of an identity due to the bucket policy.
Parameters
Name
Description
Required
name
Bucket name
Yes
Request
Schema
{"description":"api_bucket_policy_access_explanation_options","type":"object","properties":{"identity":{"description":"The identity to explain bucket access for, if None then return access for an anonymous user.","type":"object","properties":{"domain":{"type":"string","enum":["LOCAL","API_NULL_DOMAIN","WORLD","POSIX_USER","POSIX_GROUP","ACTIVE_DIRECTORY","API_INVALID_DOMAIN","API_RESERVED_DOMAIN","API_INTERNAL_DOMAIN","API_OPERATOR_DOMAIN","API_CREATOR_DOMAIN"],"description":"domain:\n * `ACTIVE_DIRECTORY` - ACTIVE_DIRECTORY,\n * `API_CREATOR_DOMAIN` - API_CREATOR_DOMAIN,\n * `API_INTERNAL_DOMAIN` - API_INTERNAL_DOMAIN,\n * `API_INVALID_DOMAIN` - API_INVALID_DOMAIN,\n * `API_NULL_DOMAIN` - API_NULL_DOMAIN,\n * `API_OPERATOR_DOMAIN` - API_OPERATOR_DOMAIN,\n * `API_RESERVED_DOMAIN` - API_RESERVED_DOMAIN,\n * `LOCAL` - LOCAL,\n * `POSIX_GROUP` - POSIX_GROUP,\n * `POSIX_USER` - POSIX_USER,\n * `WORLD` - WORLD"},"auth_id":{"description":"auth_id","type":"string"},"uid":{"description":"uid","type":"number"},"gid":{"description":"gid","type":"number"},"sid":{"description":"sid","type":"string"},"name":{"description":"name","type":"string"}}}}}
Response
Codes
Code
Description
200
Return value on success
Schema
{"description":"api_bucket_policy_access_explanation","type":"object","properties":{"allowed_actions":{"type":"array","items":{"description":"The complete set of API actions that the user is permitted to perform on the specified bucket.","type":"string"}},"identity":{"description":"The identity the explanation pertains to.","type":"object","properties":{"domain":{"type":"string","enum":["LOCAL","API_NULL_DOMAIN","WORLD","POSIX_USER","POSIX_GROUP","ACTIVE_DIRECTORY","API_INVALID_DOMAIN","API_RESERVED_DOMAIN","API_INTERNAL_DOMAIN","API_OPERATOR_DOMAIN","API_CREATOR_DOMAIN"],"description":"domain:\n * `ACTIVE_DIRECTORY` - ACTIVE_DIRECTORY,\n * `API_CREATOR_DOMAIN` - API_CREATOR_DOMAIN,\n * `API_INTERNAL_DOMAIN` - API_INTERNAL_DOMAIN,\n * `API_INVALID_DOMAIN` - API_INVALID_DOMAIN,\n * `API_NULL_DOMAIN` - API_NULL_DOMAIN,\n * `API_OPERATOR_DOMAIN` - API_OPERATOR_DOMAIN,\n * `API_RESERVED_DOMAIN` - API_RESERVED_DOMAIN,\n * `LOCAL` - LOCAL,\n * `POSIX_GROUP` - POSIX_GROUP,\n * `POSIX_USER` - POSIX_USER,\n * `WORLD` - WORLD"},"auth_id":{"description":"auth_id","type":"string"},"uid":{"description":"uid","type":"number"},"gid":{"description":"gid","type":"number"},"sid":{"description":"sid","type":"string"},"name":{"description":"name","type":"string"}}},"rbac_allowed_actions":{"type":"array","items":{"description":"The set of actions the users RBAC roles gives them permission to perform.","type":"string"}},"statement_access":{"type":"array","items":{"description":"The access that each statement provides the identity, none if the statement does not apply to the identity.","type":"object","properties":{"allow":{"description":"Does the current statement allow or deny access?","type":"boolean"},"actions":{"type":"array","items":{"description":"The set of API actions to which the current statement refers.","type":"string"}}}}}}}
