Manage S3 users and authentication using the CLI
This page describes how to gain and obtain access permissions to the S3 protocol using the CLI.
With the CLI, you can:
View existing IAM policies
Command: weka s3 policy list
Use this command to list the existing IAM policies.
The command lists both the pre-defined policies and custom policies that the Cluster Admin has added.
Command: weka s3 policy show <policy-name>
Use this command to see the JSON definition of the selected IAM policy.
The pre-defined policies value are:
Add an IAM policy
Command: weka s3 policy add
Use the following command line to add an S3 IAM policy:
weka s3 policy add <policy-name> <policy-file>
Parameters
policy-name
*
Name of the IAM policy to add.
policy-file
*
Delete an IAM policy
Command: weka s3 policy remove
Use the following command line to delete an S3 IAM policy:
weka s3 policy remove <policy-name>
Parameters
policy-name
*
Name of the IAM policy to remove.
Attach a policy to an S3 user
Command: weka s3 policy attach
Use the following command line to attach an IAM policy to an S3 user:
weka s3 policy attach <policy> <user>
Parameters
policy
*
Name of an existing IAM policy.
user
*
Name of an existing S3 user.
Detach a policy from an S3 user
Command: weka s3 policy detach
Use the following command line to detach an IAM policy from an S3 user:
weka s3 policy detach <user>
Parameters
user
*
Name of an existing S3 user.
Generate a temporary security token
Command: weka s3 sts assume-role
Use the following command line to generate a temporary security token:
weka s3 sts assume-role <--access-key access-key> [--secret-key secret-key] [--policy-file policy-file] <--duration duration>
Parameters
access-key
*
An S3 user access key
secret-key
An S3 user secret key
If not supplied, the command prompts to supply the secret-key.
policy-file
duration
*
Duration for the token validity.
Possible values between 15 minutes and 1 week. Format: 900s
, 60m
, 2d
, 1w
An example response:
Last updated