Managing S3 users via CLI
The concept of an S3 user is one of the base concepts of object storage along with those of an object and a bucket (a container for storing objects). The Amazon S3 protocol uses a permission model based on access control lists (ACLs), where each bucket and each object are assigned an ACL that lists all users with access to the given resource and the type of this access (read, write, read ACL, or write ACL). The list of users includes the entity owner assigned to every object and bucket at creation. The entity owner has extra rights compared to other users. For example, the bucket owner is the only one who can delete that bucket.
User model and access policies implemented in Virtuozzo Hybrid Infrastructure comply with the Amazon S3 user model and access policies.
User management scenarios in Virtuozzo Hybrid Infrastructure are largely based on the Amazon Web Services user management and include the following operations: create, query, and delete users, as well as generate and revoke user access key pairs.
You can manage users with the ostor-s3-admin
tool.
To do it via CLI, you will need to know the ID of the volume that they are in. You can obtain it with the ostor-ctl get-config
command. For example:
# ostor-ctl get-config -n 10.94.97.195 VOL_ID TYPE STATE 0100000000000002 OBJ READY ...
ostor-s3-admin
commands are assumed to be issued by object storage administrators, they do not include any authentication or authorization checks.