Requirements
Any operation or management request must be authenticated with a signed request via Signature Version 2 or 4 of the Amazon S3 protocol of the corresponding S3 system user. To authenticate API requests, you need to create a system user. First, obtain the volume ID with the ostor-ctl get-config
command. For example:
# ostor-ctl get-config -n 10.94.97.195 VOL_ID TYPE STATE 0100000000000002 OBJ READY ...
Then, create a system user on any storage node in the cluster with the ostor-s3-admin create-user -S -e <email>
command. For example:
# ostor-s3-admin create-user -S -e user@example.com -V 0100000000000002 UserEmail:user@example.com UserId:a14040e0b2ef8b28 KeyPair[0]:S3AccessKeyId:a14040e0b2ef8b28FZZ8 KeyPair[0]:S3SecretAccessKey:dbwTnQTW602aAAdq8DQVFzB6yrTCFTNiGB8C8RFA Flags:system
With this user, you can now authenticate further API requests for managing the S3 cluster. You can create multiple system accounts for different types of management operations.