DreamObjects CDN Permissions

dreamobjects

#1

I am confused about permissions of buckets and objects on DreamObjects.

When I read this:

it tells me that I can change the permissions on a bucket from private to public, which I have done. Yet whenever I upload an object to that bucket, the object still has private permissions, which I have to reset to public before anyone can access it or I can use it via CDN.

  1. Is this correct behavior, or do I have an issue?

  2. If this is the correct behavior for objects, what effect does changing the permissions on a bucket have?

Also, when I read this:

http://wiki.dreamhost.com/DreamSpeed_CDN_Overview#Setting_up_DreamSpeed_CDN

it seems that bucket permissions are still set to private when using the bucket as a CDN. I can access the object as long as the object permissions are set to public; it does not seem to matter what the bucket permissions are.

  1. If I am using this bucket as a CDN, do bucket permissions matter?

My end goal is to upload a lot of image files to use in Moodle language courses.


#2

The permissions of the individual files are independent from the setting of the bucket. Setting the bucket permissions to one or the other doesn’t do a whole lot. The client you use to upload your files will have a default ACL for what permissions the files should be.

For example if you are using cyberduck, if you go into the preferences, then “Transfers” tab, then the “Permissions” sub-tab, you can change the permissions to:

Owner: Read / Write
Group: Nothing
Others: Read

and it will be public. If you change it to:

Owner: Read / Write
Group: Nothing
Others: Nothing

It will be private. Other clients have other ways to configure it.

It is working as intended. The bucket can be private, and a file in it public, and it will load fine. For a CDN you generally just want everything public for visitors to your site to be able to load the images.

If you need to bulk changes the files in a bucket from private to public, there is a script for that:

Or it can be done in clients like cyberduck, but if there are a lot of files it can take a while.


#3

Thank you, Justin. That clears things up perfectly.

Cool! Life has just gotten a lot easier.


#4

Based on this:

I am keeping buckets used for CDN as private to prevent listing of XML files.

Also, I upgraded to the pro version of CrossFTP, which makes bulk upload and bulk permission setting of objects a piece of cake. At only $25, it’s a bargain.


#5

I’ve just read through this for the fourth time or so. I use Transmit (Mac) and finally dug around a bit more and found the Permissions for S3: Preferences -> Rules: Permissions:S3 (Read: World).