Observed that $USER placeholder is not enforced while using it in either in KEY value or User's value in Policy Item.
1. Resources: volume - test-volume bucket - test-bucket key - user/$USER, user/$USER/* 2. Policy Item: User: $USER Permissions: All
Any user should be able to create user home directory
The user is denied permission to create key.
[root@quasar-tyedwn-1 keytabs]# ozone fs -mkdir -p o3fs://test-bucket.test-volume.ozone1/user/hrt_1 mkdir: User hrt_1@AD.HALXG.CLOUDERA.COM doesn't have CREATE permission to access key