rgw:STSLite documentation correction

Correcting STS documentation to remove s3curl.pl command for getsessiontoken and replacing it with user policy

Signed-off-by: Kalpesh Pandya <kapandya@redhat.com>

diff --git a/doc/radosgw/STSLite.rst b/doc/radosgw/STSLite.rst
index 350e36bc6100f72b1180689ca3d812c0c665efac..0d8989bd3b8e7215458c5d202650350cf312a224 100644 (file)
--- a/doc/radosgw/STSLite.rst
+++ b/doc/radosgw/STSLite.rst
@@ -37,14 +37,16 @@ Parameters:
 An end user needs to attach a policy to allow invocation of GetSessionToken API using its permanent
 credentials and to allow subsequent s3 operations invocation using only the temporary credentials returned
 by GetSessionToken.
-The following is an example of attaching the policy to a user 'TESTER1'::
-
-    s3curl.pl --debug --id admin -- -s -v -X POST "http://localhost:8000/?Action=PutUserPolicy&PolicyName=Policy1&UserName=TESTER1&PolicyDocument=\{\"Version\":\"2012-10-17\",\"Statement\":\[\{\"Effect\":\"Deny\",\"Action\":\"s3:*\",\"Resource\":\[\"*\"\],\"Condition\":\{\"BoolIfExists\":\{\"sts:authentication\":\"false\"\}\}\},\{\"Effect\":\"Allow\",\"Action\":\"sts:GetSessionToken\",\"Resource\":\"*\",\"Condition\":\{\"BoolIfExists\":\{\"sts:authentication\":\"false\"\}\}\}\]\}&Version=2010-05-08"
 
 The user attaching the policy needs to have admin caps. For example::
 
     radosgw-admin caps add --uid="TESTER" --caps="user-policy=*"
 
+The following is the policy that needs to be attached to a user 'TESTER1'::
+
+    user_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Deny\",\"Action\":\"s3:*\",\"Resource\":[\"*\"],\"Condition\":{\"BoolIfExists\":{\"sts:authentication\":\"false\"}}},{\"Effect\":\"Allow\",\"Action\":\"sts:GetSessionToken\",\"Resource\":\"*\",\"Condition\":{\"BoolIfExists\":{\"sts:authentication\":\"false\"}}}]}"
+
+
 STS Lite Configuration
 ======================