EasyManuals Logo
Home>IBM>Server>Aspera HST

IBM Aspera HST User Manual

IBM Aspera HST
353 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #339 background imageLoading...
Page #339 background image
| Appendix | 339
2.
Restrict Aspera transfer users to a limited part of the server's file system or bucket in object storage.
a) For on-premises servers, set a default docroot to an empty folder, then set a docroot for each user:
# asconfigurator -x "set_node_data;absolute,docroot"
# asconfigurator -x "set_user_data;user_name,username;absolute,docroot"
Replace username with the username and docroot with the directory path to which the user should have access.
b) For cloud-based servers, set a default restriction to an empty folder, then set a restriction for each user:
# asconfigurator -x "set_node_data;file_restriction,|storage_path"
# asconfigurator -x
"set_user_data;user_name,username;file_restriction,|storage_path"
Replace username with the username and storage_path with the path to which the user has access. Restriction
syntax is specific to the storage:
Storage Type Format Example
local storage file:////*
S3 and IBM Cloud Object Storage s3://*
Swift storage swift//*
Azure storage azu://*
Azure Files azure-files://*
Google Cloud Storage gs://*
Hadoop (HDFS) hdfs://*
The "|" is a delimiter, and you can add additional restrictions. For example, to restrict the system user xfer
to s3://s3.amazonaws.com/bucket_xyz/folder_a/* and not allow access to key files, run the
following command:
# asconfigurator -x "set_user_data;user_name,xfer;file_restriction,|
s3://s3.amazonaws.com/bucket_xyz/folder_a/*|!*.key"
3.
Restrict users' read, write, and browse permissions.
Users are given read, write, and browse permissions to their docroot by default. Change the global default to deny
these permissions:
# asconfigurator -x
"set_node_data;read_allowed,false;write_allowed,false;dir_allowed,false"
Run the following commands to enable permissions per user, as required:
# asconfigurator -x "set_user_data;user_name,username;read_allowed,false"
# asconfigurator -x "set_user_data;user_name,username;write_allowed,false"
# asconfigurator -x "set_user_data;user_name,username;dir_allowed,false"
4.
Limit transfer permissions to certain users.
Set the default transfer permissions for all users to deny:
# asconfigurator -x "set_node_data;authorization_transfer_in_value,deny"
# asconfigurator -x "set_node_data;authorization_transfer_out_value,deny"

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the IBM Aspera HST and is the answer not in the manual?

IBM Aspera HST Specifications

General IconGeneral
BrandIBM
ModelAspera HST
CategoryServer
LanguageEnglish

Related product manuals