-
-
Notifications
You must be signed in to change notification settings - Fork 2.3k
AWS IAM CLI
Tom Crasset edited this page Jan 15, 2025
·
5 revisions
- Remove
-s3.configparams - Create an admin through
weed shell, and use these credentials to access IAM
e.g.:
s3.configure -apply -user admin -access_key some_access_key1 -secret_key some_secret_key1 -actions Admin
Create user and access key
aws --endpoint http://127.0.0.1:8111 iam create-access-key --user-name Bob
{
"AccessKey": {
"UserName": "Bob",
"AccessKeyId": "X8R439UM7OSQJX28I9QTP",
"Status": "Active",
"SecretAccessKey": "FLh9yeeYhzA7qsiyLIXsvuhv4g2cSgoUJJe/EqZw1z"
}
}
Create read only access to the bucket
echo '
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:Get*",
"s3:List*"
],
"Resource": [
"arn:aws:s3:::EXAMPLE-BUCKET/*"
]
}
]
}
' > S3-read-only-example-bucket.policy
aws --endpoint http://127.0.0.1:8111 iam put-user-policy --user-name Bob --policy-name ExamplePolicy --policy-document file://S3-read-only-example-bucket.policy
Checking
echo 's3.configure' | weed shell
{
"identities": [
{
"name": "Bob",
"credentials": [
{
"accessKey": "X8R439UM7OSQJX28I9QTP",
"secretKey": "FLh9yeeYhzA7qsiyLIXsvuhv4g2cSgoUJJe/EqZw1z"
}
],
"actions": [
"Read:EXAMPLE-BUCKET",
"List:EXAMPLE-BUCKET"
]
}
]
}
List access keys
aws --endpoint http://127.0.0.1:8111 iam list-access-keys
{
"AccessKeyMetadata": [
{
"UserName": "iam",
"AccessKeyId": "B04R0WM64L0DAJ0N9LFZ",
"Status": "Active"
},
{
"UserName": "Bob",
"AccessKeyId": "X8R439UM7OSQJX28I9QTP",
"Status": "Active"
}
]
}
- Replication
- Store file with a Time To Live
- Failover Master Server
- Erasure coding for warm storage
- Server Startup Setup
- Environment Variables
- Filer Setup
- Directories and Files
- Data Structure for Large Files
- Filer Data Encryption
- Filer Commands and Operations
- Filer JWT Use
- Filer Cassandra Setup
- Filer Redis Setup
- Super Large Directories
- Path-Specific Filer Store
- Choosing a Filer Store
- Customize Filer Store
- Migrate to Filer Store
- Add New Filer Store
- Filer Store Replication
- Filer Active Active cross cluster continuous synchronization
- Filer as a Key-Large-Value Store
- Path Specific Configuration
- Filer Change Data Capture
- Cloud Drive Benefits
- Cloud Drive Architecture
- Configure Remote Storage
- Mount Remote Storage
- Cache Remote Storage
- Cloud Drive Quick Setup
- Gateway to Remote Object Storage
- Amazon S3 API
- AWS CLI with SeaweedFS
- s3cmd with SeaweedFS
- rclone with SeaweedFS
- restic with SeaweedFS
- nodejs with Seaweed S3
- S3 API Benchmark
- S3 API FAQ
- S3 Bucket Quota
- S3 API Audit log
- S3 Nginx Proxy
- Docker Compose for S3
- Hadoop Compatible File System
- run Spark on SeaweedFS
- run HBase on SeaweedFS
- run Presto on SeaweedFS
- Hadoop Benchmark
- HDFS via S3 connector
- Async Replication to another Filer [Deprecated]
- Async Backup
- Async Filer Metadata Backup
- Async Replication to Cloud [Deprecated]
- Kubernetes Backups and Recovery with K8up