Getting started
All completable actions have predefined roles, which are controlled by a system admin who assigns them to bucket owners.
In order to use the S3 Console, bucket owners must first generate S3 their credentials.
Generating S3 credentials
S3 credentials are used to connect to the S3 gateway for S3 operations. They are the credentials assigned to a bucket owner, allowing users to create and manage buckets and their objects from within HCP for cloud scale.
To generate new S3 credentials:
Procedure
On the Buckets page, click Generate credentials.
To create credentials, click Generate.
A warning screen appears.Click Continue.
New values for Access Key and Secret Key appear.To copy one of these values, click Copy.
Click Done.
Logging in as an admin
To log in to the S3 Console as an admin:
Procedure
Connect to the admin port:
http://<clustername>:8000Select S3 Console.
Logging in as a user
Procedure
Enter your Username and Password.
If Security Realm is presented, select the appropriate realm.
Click Log in.
Logging out
To log out of the S3 Console:
Procedure
In the upper right corner of the screen, click the user icon.
Click Log out.
Permissions
In the S3 Console app, the following rules apply to permissions:
- S3 users can view and browse buckets and objects that they are given access to.
- Only bucket owners have the ability to view policies or assign them to buckets, even if the S3 users are provided access to those buckets.
- Only an admin can assign roles to bucket owners to provide the proper privileges for them to be able to configure and view bucket policies.
The following HCP for cloud scale roles can be applied and allow/disallow bucket owners to:
- Set sync-to replication policies:
data:bucket:sync:to:set - Set sync-from replication policies:
data:bucket:sync:from:set - View sync-to and sync-from replication policies:
data:bucket:sync:get
s3:user:generate_credentials permission to be logged into the S3 Console. For more information on assigning roles, see the Administrator Help.