Administrator’s Command Line Guide
Table Of Contents
- Introduction
- Accessing Storage Clusters via iSCSI
- Accessing Storage Clusters via S3 Protocol
- Monitoring Storage Cluster
- Managing Storage Cluster Security
- Maximizing Storage Cluster Performance
3.4. Managing S3 Buckets
Note: It is recommended to periodically revoke old and generate new access key pairs.
3.3.7 Revoking S3 User Access Key Pairs
You can revoke the specified access key pair of the specified user with the ostor-s3-admin revoke-access-key
command. You need to specify the access key in the key pair you want to delete as well as the user email or
S3 ID. For example:
# ostor-s3-admin revoke-access-key -e user@email.com -k de86d1c19e616455YIPU -V 0100000000000002
Revoke access key: user id=de86d1c19e616455, access key id=de86d1c19e616455YIPU
3.4 Managing S3 Buckets
All objects in Amazon S3-like storage are stored in containers called “buckets”. Buckets are addressed by
names that are unique in the given object storage, so an S3 user of that object storage cannot create a
bucket that has the same name as a different bucket in the same object storage. Buckets are used to:
• group and isolate objects from those in other buckets,
• provide ACL management mechanisms for objects in them,
• set per-bucket access policies, for example, versioning in the bucket.
You can manage buckets with the ostor-s3-admin tool as well as S3 API third-party S3 browsers like
CyberDuck or DragonDisk. To manage buckets via CLI, you will need to know the ID of the volume that the
buckets are in. You can obtain it with the ostor-ctl get-config command. For example:
# ostor-ctl get-config -n 10.94.97.195
VOL_ID TYPE STATE
0100000000000002 OBJ READY
...
Note: As ostor-s3-admin commands are assumed to be issued by object storage administrators, they
do not include any authentication or authorization checks.
33