Arbutus object storage: Difference between revisions

numerous fixes including standardizing on data containers vs buckets
No edit summary
(numerous fixes including standardizing on data containers vs buckets)
Line 43: Line 43:


<!--T:10-->
<!--T:10-->
You can also perform some management tasks for your object storage using the Object Store tab for your project at https://arbutus.cloud.computecanada.ca/. This interface refers to data containers (AKA buckets). You can create data containers with this interface, upload files, and create directories. Containers can also be created using S3-compatible CLI clients.
You can also perform some management tasks for your object storage using the Object Store tab in the OpenStack Dashboard at https://arbutus.cloud.computecanada.ca/. This interface refers to "data containers". Data containers are also known as buckets. In the dashboard you can create data containers, upload files, and create directories. Containers can also be created using S3-compatible CLI clients
Please note that if you create a new container as ''Public'', any object placed within this container can be freely accessed (read-only) by anyone on the Internet simply by navigating to <code><nowiki>https://object-arbutus.cloud.computecanada.ca/<YOUR CONTAINER NAME HERE>/<YOUR OBJECT NAME HERE></nowiki></code> with your container and object names inserted in place.
Please note that if you create a new container as ''Public'', any object placed within this container can be freely accessed (read-only) by anyone on the Internet simply by navigating to <code><nowiki>https://object-arbutus.cloud.computecanada.ca/<YOUR CONTAINER NAME HERE>/<YOUR OBJECT NAME HERE></nowiki></code> with your container and object names inserted in place.




<!--T:16-->
<!--T:16-->
The users are responsible for operations inside your cloud project. As such, the buckets and management of those buckets are up to the user.  
The users are responsible for operations inside your cloud project. As such, the data containers and their management are up to the user.  


=== General information === <!--T:17-->
=== General information === <!--T:17-->


<!--T:18-->
<!--T:18-->
* Buckets are owned by the user who creates them, and no other user can manipulate them.
* Data containers are owned by the user who creates them, and no other user can manipulate them.
* You can make a bucket accessible to the world, which then gives you a URL to share that will serve content from it.
* With a policy change, you can make a data container accessible to the world via URL
* Container names must be unique across '''all''' users in the Object Store, so you may benefit by prefixing each bucket with your project name to maintain uniqueness. In other words, don't bother trying to create a container named ''test'', but ''def-myname-test'' is probably OK.
* Data container names must be unique across '''all''' users in the Object Store, so you may benefit by prefixing data containers your project name to maintain uniqueness. In other words, don't bother trying to create a container named ''test'', but ''def-myname-test'' is probably OK.
* Container policies are managed via json files.
* Container policies are managed via json files.


= Accessing your Arbutus Object Store =
= Accessing your Arbutus Object Store =
There are two ways to access your data containers/buckets:
There are two ways to access your data containers:
# if your data container policies are set to private (default), object storage is accessible via an [[Arbutus_object_storage_clients|S3-compatible client]] (e.g. s3cmd). Managing your object store such as setting policies cannot be done via web browser and must be done with an S3-compatible client
# if your data container policies are set to private (default), object storage is accessible via an [[Arbutus_object_storage_clients|S3-compatible client]] (e.g. s3cmd). Managing your object store such as setting policies cannot be done via web browser and must be done with an S3-compatible client
# if your object storage policies are set to public (not default), object storage is accessible via an HTTPS endpoint:
# if your object storage policies are set to public (not default), object storage is accessible via an HTTPS endpoint:


<!--T:21-->
<!--T:21-->
<code>https://object-arbutus.cloud.computecanada.ca:443/BUCKET</code>
<code>https://object-arbutus.cloud.computecanada.ca:443/DATA_CONTAINER</code>


= Managing data containers policies for your Arbutus Object Store = <!--T:31-->
= Managing data containers policies for your Arbutus Object Store = <!--T:31-->
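Review bot: The new T:18 bullet "With a policy change, you can make a data container accessible to the world via URL" reads as if a policy change is the only route to public exposure, while the unchanged T:10 text says a container created as ''Public'' in the dashboard is already readable by anyone on the Internet. Name both paths in the bullet so readers do not assume a container stays private until a policy is applied. Smaller points in the same hunk: the new T:10 sentence ending "S3-compatible CLI clients" and the URL bullet lost their final periods, "prefixing data containers your project name" is missing "with", and the rename is incomplete, since item 2 of the access list still says "object storage policies" and the heading reads "Managing data containers policies" rather than "data container policies".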
Line 70: Line 70:
   |title=Attention
   |title=Attention
   |content=
   |content=
Be careful with policies because an ill-conceived policy can lock you out of your bucket.
Be careful with policies because an ill-conceived policy can lock you out of your data container.
}}
}}


<!--T:34-->
<!--T:34-->
Currently, Arbutus Object Storage only implements a subset of Amazon's specification for [[https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-iam-policies.html bucket polices]]. The following example shows how to create, apply, and view a bucket's policy. The first step is create a policy json file:</p>
Currently, Arbutus Object Storage only implements a subset of Amazon's specification for [[https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-iam-policies.html data container polices]]. The following example shows how to create, apply, and view a policy. The first step is create a policy json file:</p>
<pre>{
<pre>{
     &quot;Version&quot;: &quot;2012-10-17&quot;,
     &quot;Version&quot;: &quot;2012-10-17&quot;,
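Review bot: In T:34 the link text was renamed to "data container polices", but the target is still Amazon's bucket policy documentation, where the term is "bucket". Keep "bucket policies" as the link text, or add "bucket" in parentheses, so readers can match the wording on the linked page, and correct the spelling "polices" while here. The external URL is wrapped in double square brackets, which MediaWiki reserves for internal links; a single pair is needed. "The first step is create" should read "is to create", and the trailing </p> has no opening tag in the visible lines.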