Manage S3 users and authentication using the CLI
This page describes how to gain and obtain access permissions to the S3 protocol using the CLI.
With the CLI, you can:
View existing IAM policies
Command: weka s3 policy list
Use this command to list the existing IAM policies.
The command lists the pre-defined and custom policies the Cluster Admin has added.
Command: weka s3 policy show <policy-name>
Use this command to see the JSON definition of the selected IAM policy.
The pre-defined policy values are:
Add an IAM policy
Command: weka s3 policy add
Use the following command line to add an S3 IAM policy:
weka s3 policy add <policy-name> <policy-file>
Parameters
Name | Value |
---|---|
| Name of the IAM policy to add. |
|
Delete an IAM policy
Command: weka s3 policy remove
Use the following command line to delete an S3 IAM policy:
weka s3 policy remove <policy-name>
Parameters
Name | Value |
---|---|
| Name of the IAM policy to remove. |
Attach a policy to an S3 user
Command: weka s3 policy attach
Use the following command line to attach an IAM policy to an S3 user:
weka s3 policy attach <policy> <user>
Parameters
Name | Value |
---|---|
| Name of an existing IAM policy. |
| Name of an existing S3 user. |
Detach a policy from an S3 user
Command: weka s3 policy detach
Use the following command line to detach an IAM policy from an S3 user:
weka s3 policy detach <user>
Parameters
Name | Value |
---|---|
| Name of an existing S3 user. |
Generate a temporary security token
Command: weka s3 sts assume-role
Use the following command line to generate a temporary security token:
weka s3 sts assume-role <--access-key access-key> [--secret-key secret-key] [--policy-file policy-file] <--duration duration>
Parameters
Name | Value | Default |
---|---|---|
| An S3 user access key | |
| An S3 user secret key | If not supplied, the command prompts to supply the secret-key. |
| | |
| Duration for the token validity.
Possible values between 15 minutes and 1 week. Format: | |
An example response: