3.2. Managing S3 Users and Listing Buckets via REST API

This section describes how to manage users via the REST API in a service provider scenario. New customers will sign up for the service during purchase in your online store and you will need to create users for them in the S3 cluster.

3.2.1. Creating S3 Users

You can create a user with the ostor-users service and parameter emailAddress specifying the user email address:

# s3_curl PUT "http://s3.example.com/?ostor-users&emailAddress=client@example.com"
{
    "UserEmail": "client@example.com",
    "UserId": "ca55631f9f3d59dc",
    "AWSAccessKeys": [
        {
            "AWSAccessKeyId": "ca55631f9f3d59dcDF4M",
            "AWSSecretAccessKey": "QCbj17BzeepyvUAdJeFNFYW9fCzbq0uFal6e5pGm"
        }
    ]
}

3.2.2. Listing S3 Users

You can list information about all users with the ostor-users service. Additional rows may list S3 access key pairs associated with the user. For example:

# s3_curl GET "http://s3.example.com/?ostor-users"
[
    {
        "UserEmail": "user@example.com",
        "UserId": "a14040e0b2ef8b28",
        "State": "enabled",
        "OwnerId": "0000000000000000"
    },
    {
        "UserEmail": "client@example.com",
        "UserId": "ca55631f9f3d59dc",
        "State": "enabled",
        "OwnerId": "0000000000000000"
    }
]

3.2.3. Querying S3 Users

You can display information and status of a user with the ostor-users service and parameter emailAddress specifying the user email address:

# s3_curl GET "http://s3.example.com/?ostor-users&emailAddress=client@example.com"
{
    "UserEmail": "client@example.com",
    "UserId": "ca55631f9f3d59dc",
    "State": "enabled",
    "OwnerId": "0000000000000000",
    "Flags": [

    ],
    "AWSAccessKeys": [
        {
            "AWSAccessKeyId": "ca55631f9f3d59dcDF4M",
            "AWSSecretAccessKey": "QCbj17BzeepyvUAdJeFNFYW9fCzbq0uFal6e5pGm"
        },
        {
            "AWSAccessKeyId": "ca55631f9f3d59dcZMDX",
            "AWSSecretAccessKey": "ffWvnOcNiH0jkQod4huv51BMYBuSWs4zRLFVwd4d"
        }
    ]
}

3.2.4. Disabling S3 Users

You can disable a user with the ostor-users service and parameter emailAddress specifying the user email address:

# s3_curl POST "http://s3.example.com/?ostor-users&emailAddress=client@example.com&disable"

3.2.5. Enabling S3 Users

You can enable a previously disabled user with the ostor-users service and parameter emailAddress specifying the user email address:

# s3_curl POST "http://s3.example.com/?ostor-users&emailAddress=client@example.com&enable"

3.2.6. Deleting S3 Users

You can delete existing users with the ostor-users service and parameter emailAddress specifying the user email address:

# s3_curl DELETE "http://s3.example.com/?ostor-users&emailAddress=client@example.com"

Users who own buckets cannot be removed until their buckets are deleted. You can get a list of user’s buckets with the ostor-buckets service and parameter emailAddress specifying the user email address:

# s3_curl GET "http://s3.example.com/?ostor-buckets&emailAddress=client@example.com"
{
"Buckets": [
    {
        "size": {
            "current": 12288,
            "h_integral": 7360512,
            "hmax": 12288,
            "last_ts": 424241
        },
        "epoch": 0,
        "owner_id": "ba7eba06129464c5",
        "name": "data",
        "creation_date": "2018-05-25T17:12:00.000Z"
    }]
 {

You can delete the buckets by their names:

# s3_curl DELETE "http://s3.example.com/data"

3.2.7. Generating S3 Access Keys

You can generate a new or additional access key pair with the ostor-users service and the following parameters: emailAddress specifying the user email address, genKey:

# s3_curl POST "http://s3.example.com/?ostor-users&emailAddress=client@example.com&genKey"
{
    "UserEmail": "client@example.com",
    "UserId": "ca55631f9f3d59dc",
    "AWSAccessKeys": [
        {
            "AWSAccessKeyId": "ca55631f9f3d59dcZMDX",
            "AWSSecretAccessKey": "ffWvnOcNiH0jkQod4huv51BMYBuSWs4zRLFVwd4d"
        }
    ]
}

3.2.8. Revoking S3 Access Keys

You can revoke the specified access key pair of the specified user with the ostor-users service and the following parameters: emailAddress specifying the user email address, revokeKey specifying the access key in the key pair:

# s3_curl POST "http://s3.example.com/?ostor-users&emailAddress=client@example.com&revokeKey=ca55631f9f3d59dcZMDX"

3.2.9. Listing User Buckets

You can list all buckets in S3 with the ostor-buckets service:

# s3_curl GET "http://s3.example.com/?ostor-buckets"
{
"Buckets": [
    {
        "size": {
            "current": 12288,
            "h_integral": 7360512,
            "hmax": 12288,
            "last_ts": 424241
        },
        "epoch": 0,
        "owner_id": "ba7eba06129464c5",
        "name": "bucket1",
        "creation_date": "2018-05-25T17:12:00.000Z"
    },
    {
        "size": {
            "current": 46700160,
            "h_integral": 28160196480,
            "hmax": 46700160,
            "last_ts": 424237
        },
        "epoch": 0,
        "owner_id": "ccbec013d9fd3918",
        "name": "bucket2",
        "creation_date": "2018-05-25T13:51:55.000Z"
    },
    {
        "size": {
            "current": 12288,
            "h_integral": 8036352,
            "hmax": 12288,
            "last_ts": 424186
        },
        "epoch": 0,
        "owner_id": "9d80d59edbe2862a",
        "name": "bucket3",
        "creation_date": "2018-05-23T10:30:49.000Z"
    }
]}
Jan 15, 2019
Edit Raw Print