3.2. Managing S3 Users and Listing Buckets via REST API

This section describes how to manage users via the REST API in a service provider scenario. New customers will sign up for the service during purchase in your online store and you will need to create users for them in the S3 cluster.

3.2.1. Creating S3 Users

You can create an S3 user by sending a PUT request to the ostor-users service along with an email address:

# s3_curl PUT "http://s3.example.com/?ostor-users&emailAddress=user@example.com"
{
    "UserEmail": "user@example.com",
    "UserId": "ca55631f9f3d59dc",
    "AWSAccessKeys": [
        {
            "AWSAccessKeyId": "ca55631f9f3d59dcDF4M",
            "AWSSecretAccessKey": "QCbj17BzeepyvUAdJeFNFYW9fCzbq0uFal6e5pGm"
        }
    ]
}

3.2.2. Listing S3 Users

You can list information about all users by sending a GET request to the ostor-users service. Additional rows may list S3 access key pairs associated with each user. For example:

# s3_curl GET "http://s3.example.com/?ostor-users"
[
    {
        "UserEmail": "user@example.com",
        "UserId": "a14040e0b2ef8b28",
        "State": "enabled",
        "OwnerId": "0000000000000000"
    },
    {
        "UserEmail": "user@example.com",
        "UserId": "ca55631f9f3d59dc",
        "State": "enabled",
        "OwnerId": "0000000000000000"
    }
]

3.2.3. Querying S3 Users

You can display information and status of a user by sending a GET request to the ostor-users service along with a user’s email address:

# s3_curl GET "http://s3.example.com/?ostor-users&emailAddress=user@example.com"
{
    "UserEmail": "user@example.com",
    "UserId": "ca55631f9f3d59dc",
    "State": "enabled",
    "OwnerId": "0000000000000000",
    "Flags": [

    ],
    "AWSAccessKeys": [
        {
            "AWSAccessKeyId": "ca55631f9f3d59dcDF4M",
            "AWSSecretAccessKey": "QCbj17BzeepyvUAdJeFNFYW9fCzbq0uFal6e5pGm"
        },
        {
            "AWSAccessKeyId": "ca55631f9f3d59dcZMDX",
            "AWSSecretAccessKey": "ffWvnOcNiH0jkQod4huv51BMYBuSWs4zRLFVwd4d"
        }
    ]
}

3.2.4. Disabling and Enabling S3 Users

You can disable a user (users are enabled by default) by sending a POST request to the ostor-users service along with a user’s email address and the disable parameter:

# s3_curl POST "http://s3.example.com/?ostor-users&emailAddress=user@example.com&disable"

You can enable a previously disabled user by sending a POST request to the ostor-users service along with a user’s email address and the enable parameter:

# s3_curl POST "http://s3.example.com/?ostor-users&emailAddress=user@example.com&enable"

3.2.5. Deleting S3 Users

You can delete an existing user by sending a DELETE request to the ostor-users service along with a user’s email address:

# s3_curl DELETE "http://s3.example.com/?ostor-users&emailAddress=user@example.com"

Users who own buckets cannot be removed until their buckets are deleted. To get a list of user’s buckets, send a GET request to the ostor-buckets service along with a user’s email address:

# s3_curl GET "http://s3.example.com/?ostor-buckets&emailAddress=user@example.com"
{
"Buckets": [
    {
        "size": {
            "current": 12288,
            "h_integral": 7360512,
            "hmax": 12288,
            "last_ts": 424241
        },
        "epoch": 0,
        "owner_id": "ba7eba06129464c5",
        "name": "bucketname",
        "creation_date": "2018-05-25T17:12:00.000Z"
    }]
 {

You can then delete buckets by name:

# s3_curl DELETE "http://s3.example.com/bucketname"

3.2.6. Generating S3 Access Keys

You can generate a new or additional access key pair with the ostor-users service and the following parameters: emailAddress specifying the user email address, genKey:

# s3_curl POST "http://s3.example.com/?ostor-users&emailAddress=user@example.com&genKey"
{
    "UserEmail": "user@example.com",
    "UserId": "ca55631f9f3d59dc",
    "AWSAccessKeys": [
        {
            "AWSAccessKeyId": "ca55631f9f3d59dcZMDX",
            "AWSSecretAccessKey": "ffWvnOcNiH0jkQod4huv51BMYBuSWs4zRLFVwd4d"
        }
    ]
}

3.2.7. Revoking S3 Access Keys

You can revoke the specified access key pair of the specified user with the ostor-users service and the following parameters: emailAddress specifying the user email address, revokeKey specifying the access key in the key pair:

# s3_curl POST "http://s3.example.com/?ostor-users&emailAddress=user@example.com&revokeKey=ca55631f9f3d59dcZMDX"

3.2.8. Listing User Buckets

You can list all buckets in S3 with the ostor-buckets service:

# s3_curl GET "http://s3.example.com/?ostor-buckets"
{
"Buckets": [
    {
        "size": {
            "current": 12288,
            "h_integral": 7360512,
            "hmax": 12288,
            "last_ts": 424241
        },
        "epoch": 0,
        "owner_id": "ba7eba06129464c5",
        "name": "bucket1",
        "creation_date": "2018-05-25T17:12:00.000Z"
    },
    {
        "size": {
            "current": 46700160,
            "h_integral": 28160196480,
            "hmax": 46700160,
            "last_ts": 424237
        },
        "epoch": 0,
        "owner_id": "ccbec013d9fd3918",
        "name": "bucket2",
        "creation_date": "2018-05-25T13:51:55.000Z"
    },
    {
        "size": {
            "current": 12288,
            "h_integral": 8036352,
            "hmax": 12288,
            "last_ts": 424186
        },
        "epoch": 0,
        "owner_id": "9d80d59edbe2862a",
        "name": "bucket3",
        "creation_date": "2018-05-23T10:30:49.000Z"
    }
]}
Nov 20, 2019
Edit Raw Print