4.3

Manage S3 buckets using the CLI

This page describes how to manage S3 buckets using the CLI.

Using the CLI, you can:

Create a bucket

Command: weka s3 bucket create

Use the following command line to create an S3 bucket:

weka s3 bucket create <name> [--policy policy] [--policy-json policy-json] [--hard-quota hard-quota] [--fs-name fs-name] [--fs-id fs-id] [--existing-path existing-path]

Parameters

List buckets

Command: weka s3 bucket list

Use this command to list existing buckets.

Set a bucket quota

Command: weka s3 bucket quota set

Use the following command line to set an S3 bucket quota:

weka s3 bucket quota set <bucket-name> <hard-quota>

Parameters

Unset a bucket quota

Command: weka s3 bucket quota unset <bucket-name>

Use this command to unset an existing bucket quota.

If the bucket point to a directory shared with other protocols, changing the quota affects all protocols (changes the associated directory quota).

Delete a bucket

Command: weka s3 bucket destroy

Use this command to delete an existing bucket from the filesystem only if the bucket is empty. If the bucket is not empty, you can keep the data on the filesystem and remove the bucket from the S3 configuration.

weka s3 bucket destroy <name> [--unlink]

Parameters

Manage bucket policies

It is possible to set bucket policies for anonymous access. You can choose a pre-defined policy or add a customized policy.

Set a pre-defined bucket policy

A bucket is automatically created without any anonymous access permissions. You can use one of the pre-defined policies: download, upload, or public.

Example: For a bucket named mybucket, the following are the pre-defined policy values:

{
  "Statement": [
    {
      "Action": [
        "s3:GetBucketLocation",
        "s3:ListBucket"
      ],
      "Effect": "Allow",
      "Principal": {
        "AWS": [
          "*"
        ]
      },
      "Resource": [
        "arn:aws:s3:::mybucket"
      ]
    },
    {
      "Action": [
        "s3:GetObject"
      ],
      "Effect": "Allow",
      "Principal": {
        "AWS": [
          "*"
        ]
      },
      "Resource": [
        "arn:aws:s3:::mybucket/*"
      ]
    }
  ],
  "Version": "2012-10-17"
}

Command: weka s3 bucket policy set

Use the following command line to set a pre-defined bucket policy:

weka s3 bucket policy set <bucket-policy> <bucket-name>

Parameters

Set a custom bucket policy

To create a custom policy, you can use AWS Policy Generator and select S3 Bucket Policy type. With a custom policy, it is possible to limit anonymous access only to specific prefixes.

For example, to set a custom policy for mybucket to allow read-only access for objects with a public/ prefix, the custom policy, as generated with the calculator, is:

{
  "Id": "Policy1624778813411",
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "Stmt1624778790840",
      "Action": [
        "s3:ListBucket"
      ],
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::mybucket",
      "Condition": {
        "StringEquals": {
          "s3:prefix": "public/"
        }
      },
      "Principal": "*"
    },
    {
      "Sid": "Stmt1624778812360",
      "Action": [
        "s3:GetObject"
      ],
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::mybucket/public/*",
      "Principal": "*"
    }
  ]
}

Command: weka s3 bucket policy set-custom

Use the following command line to set a custom bucket policy:

weka s3 bucket policy set-custom <bucket-name> <policy-file>

Parameters

View a bucket policy

Command: weka s3 bucket policy get / weka s3 bucket policy get-json

Use the following command line to view an S3 bucket policy name/JSON:

weka s3 bucket policy get <bucket-name> / weka s3 bucket policy get-json <bucket-name>

Parameters

Unset a bucket policy

Command: weka s3 bucket policy unset

Use the following command line to unset an S3 bucket policy:

weka s3 bucket policy unset <bucket-name>

Parameters

PreviousManage S3 buckets using the GUINextS3 users and authentication

Last updated