Abstract
Customer-created objects in cloud storage buckets are stored in a flat namespace and lack the hierarchy found in folders of a traditional file system. While grouped permissions are straightforward in a file system, such permissions are relatively difficult to implement in storage systems with flat namespaces, where policies can be applied at no finer a granularity than the level of the bucket. This disclosure describes a mechanism for applying a policy to a group of objects in a storage bucket based on the prefix of the objects. Customers can identify a prefix of the object path that ends in slash (/) and apply policies based on that prefix. The described techniques enable the application of policies to objects at a level of granularity that is finer than that of the storage bucket. A customer of cloud-based storage can purchase fewer storage buckets to organize a greater number and diversity of objects, thereby reducing cost and complexity and improving scalability.
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.
Recommended Citation
Iqbal, Muhammad Omer; Chakraborty, Subhasish; Loganathan, Raja; Szymaniak, Michal; Ganta, Rajesh; Rahmann, Matthew; Le, Thanh; Yao, Zhihong; Saraswat, Vivek; and Bhatia, Anurag, "Prefix-based Application of Policies to Objects in Cloud Storage", Technical Disclosure Commons, (March 13, 2024)
https://www.tdcommons.org/dpubs_series/6792