ACL permissions

Adding an ACL to a container gives the Keystone user certain data access permissions for that container.

The table below lists the permissions you can give in an ACL through the HSwift API and shows the data access permissions that correspond to each ACL permission.

ACL permissionData access permissions
ReadBrowse and read
WriteWrite and delete

When you grant ACL permissions, you either assign these permissions to individual Keystone users or make the container public. Public containers are accessible by all authenticated users unless the Tenant Administrator has allowed unauthenticated users access to the namespace through namespace protocols settings.

ACLs can only be set by a Keystone HCP tenant admin or an HCP user with tenant management privileges.