...
| Note |
|---|
You can use the pshell command "info mybucket" to examine the active policies on that bucket. |
| Expand |
|---|
|
| Panel |
|---|
| title | Example1 - give a list of Pawsey |
|---|
|
usernames (user1, user2, user3, and user4) readonly access to a project bucket called p0002-sfx.Note: if a user (eg user1) attempts to list buckets they will see nothing. However, if they attempt to list objects inside the bucket it will show the objects inside p0002-sfx/ - see Note 4. | Code Block |
|---|
pawsey0002 |
| Code Block |
|---|
project123:/>policy |
p0002sfxbucket +r user1,user2,user3,user4
Setting bucket= |
p0002sfxbucket, perm=+r, for user(s)='user1,user2,user3,user4' |
Note: if a user attempts to list buckets they will see nothing. However, if they attempt to list objects inside the bucket it will show the objects inside my-bucket/ - see Note 4. |
| Panel |
|---|
| title | Example 2 - revoke user3 from having read access |
|---|
|
to the bucket. |
pawsey0002p0002sfxbucket -r user3
Setting bucket= |
p0002sfxbucket, perm=-r, for user(s)='user3' |
|
| Panel |
|---|
| title | Example 3 - grant read and write permission |
|---|
|
on a bucket. |
pawsey0002p0002sfxbucket +rw user1
Setting bucket= |
p0002sfxbucket, perm=+rw, for user(s)='user1' |
|
the objects in p0002-sfx | a bucket readonly and publicly accessible |
|
. |
pawsey0002p0002sfxbucket +r *
Setting bucket= |
p0002sfxbucket, perm=+r, for user(s)=None |
|
| Panel |
|---|
| title | Example 5 - remove all policies on a bucket |
|---|
|
. |
pawsey0002p0002sfxbucket -
Deleting all policies on bucket= |
p0002sfx
|
|
Lifecycles
Simple S3 bucket lifecycles can also be automatically created for you affecting multi-part uploads and versioning.
...
| Expand |
|---|
|
| Panel |
|---|
| title | Example 1 - a basic bucket lifecycle that cleans up failed - enable multi-part and expired version cleanup after 30 days |
|---|
|
| Code Block |
|---|
pshell> lifecycle my-bucket +mv |
|
| Panel |
|---|
| title | Example 2 - clean up incomplete multi-part uploads after 7 days. |
|---|
|
| Code Block |
|---|
pshell> lifecycle mybucketmy-bucket +m 7 |
|
| Panel |
|---|
| title | Example 2 - a basic bucket lifecycle that turns 3 - turn on versioning and deletes delete expired non-current objects after 30 days. |
|---|
|
| Code Block |
|---|
pshell> lifecycle mybucketmy-bucket +v 30 |
|
If versioning is enabled on a bucket, then you will have the option to review and restore deleted objects in the window before the lifecycle cleanup policy permanently removes them. | Panel |
|---|
| title | Example 4 - Reviewing deleted objects |
|---|
| lifecycle my-bucket --review Reviewing deletions: bucket=my-bucket, prefix= * folder1/my_file.txt |
| Panel |
|---|
| title | Example 5 - Restoring an object |
|---|
| lifecycle my-bucket/folder1 --restore Restoring deletions: bucket=my-bucket, prefix=folder1 restoring: folder1/my_file.txt Restored object count: 1 |
|