Delivering Enterprise-Grade Object Storage: Bloomberg’s IAM Journey in a Multi-Tenant Architecture - Song Gao, Bloomberg Data is the foundation of Bloomberg’s financial products. At the core of our infrastructure, Ceph clusters drive our internal S3-compatible cloud storage platform, handling billions of requests daily. Our infrastructure utilizes a shared-, multi-tenant architecture that enables resource efficiency and seamless scalability. However, delivering “Storage-as-a-Service” (STaaS) in a multi-tenant model comes with unique challenges — including resilience and QoS, managing capacity at scale, and most specifically for this talk, the need to enforce strong security and privacy boundaries across tenants. In close collaboration with Ceph’s open source community, we successfully deployed Squid across our platform with IAM capabilities enabled to provide fine-grained, identity-based access controls. Beyond that, we developed a full-stack role and policy management system to simplify IAM across a dynamic, growing multi-tenant environment. In this talk, we will share how we built an enterprise-grade object storage platform powered by Ceph, and we will delve into how we tackled the key challenges to enabled Ceph to be the storage backbone for Bloomberg’s internal private cloud environment.