VAST maintains an internal database of client users, creating new entries when discovering new users. The user database can fetch user entries from an auth provider and map user attributes to ensure that users are authorized with identical permissions independent of their access protocol.
There are features that enable you to add user entries to the user database and to edit certain user properties. These features are only needed and used in specific use cases, and are not relevant for all use cases.
These features can be used for:
Enabling users to access the cluster via S3. Client users cannot access the cluster via s3 until you administrate their permission via one of the VMS user interfaces.
Enabling special S3 user permissions to create and delete buckets. These are administrated per user only via the VMS user interfaces.
Creating a local user entry for a user who does not exist in the auth provider or modifying an existing user entry to be 'local'. This enables you to allow a user access to resources via NFS on an exceptional basis. You define the user as a 'local' user and provide NFS user and group attributes. The user can then be authorized to access resources via NFS without being updated from the auth provider.
Managing S3 Access and Bucket Permissions
To give users S3 access permission and special permissions to create and delete buckets, see the following topics:
Creating Local Users
To add and edit local user entries, see Adding Local Users.
Comments
0 comments
Please sign in to leave a comment.