S3 Control operations
S3 Control operations enable account-level management of object storage behavior in IBM Storage Ceph, allowing administrators to apply configuration settings across all buckets owned by a tenant.
The S3 Control API provides account-level control over certain object storage features in the Ceph Object Gateway. Unlike standard S3 bucket operations, S3 Control operations apply to the entire tenant (account) rather than to individual buckets.
Account-level settings are useful for enforcing consistent security and access policies across all existing and future buckets without requiring administrators to configure each bucket individually.
Account-level versus bucket-level operations
IBM Storage Ceph supports both bucket-level S3 operations and account-level S3 Control operations.
- Bucket-level S3 operations apply to individual buckets and must be configured separately for each bucket.
- Account-level S3 Control operations apply across all buckets owned by a tenant and provide centralized control over supported features.
Account-level S3 Control settings do not represent bucket operations and are documented separately to reflect their broader scope.
Public Access Block at the account level
IBM Storage Ceph supports the S3 Control Public Access Block feature, which allows administrators to block public access across all buckets in a tenant.
The following S3 Control operations are available for managing account-level Public Access Block settings: