248 NetApp AltaVault Cloud Integrated Storage Administration Guide
Beta Draft
Amazon AWS IAM and S3 bucket policies
IAM policies for AltaVault
AltaVault requires the following IAM user permissions:
On all buckets:
– ListAllMyBuckets (not required for normal operation, but some features may not work)
On the configured cloud bucket:
– CreateBucket (not required if the bucket has been created beforehand)
– GetBucketLocation
– ListBucket
– ListBucketMultipartUploads
– GetLifecycleConfiguration
– PutLifecycleConfiguration
On objects inside the configured cloud bucket:
– AbortMultipartUpload
– DeleteObject
– GetObject
– ListMultipartUploadParts
– PutObject
– RestoreObject
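The permission list above splits into bucket-level and object-level actions, and each group only takes effect when granted on the matching ARN form. The following is an added example, not part of the NetApp guide: a checker that reports required actions a policy fails to grant on the configured bucket and actions it grants on other buckets as well. The function names, the probe bucket and object names, and the `bucket_name/*` object ARN are assumptions made for this sketch; ListAllMyBuckets is left out because the list marks it as not required for normal operation.

```python
import fnmatch

# Actions from the permission list above, grouped by the ARN form they apply to.
BUCKET_ACTIONS = ["s3:CreateBucket", "s3:GetBucketLocation", "s3:ListBucket",
                  "s3:ListBucketMultipartUploads", "s3:GetLifecycleConfiguration",
                  "s3:PutLifecycleConfiguration"]
OBJECT_ACTIONS = ["s3:AbortMultipartUpload", "s3:DeleteObject", "s3:GetObject",
                  "s3:ListMultipartUploadParts", "s3:PutObject", "s3:RestoreObject"]
OPTIONAL = {"s3:CreateBucket"}  # not needed if the bucket already exists

def _as_list(value):
    return value if isinstance(value, list) else [value]

def allowed(policy, action, arn):
    """True if any Allow statement matches both action and ARN.
    Simplification: Deny, NotAction, NotResource and Condition are ignored."""
    for stmt in _as_list(policy["Statement"]):
        if stmt.get("Effect") != "Allow":
            continue
        if (any(fnmatch.fnmatchcase(action.lower(), a.lower())
                for a in _as_list(stmt.get("Action", [])))
                and any(fnmatch.fnmatchcase(arn, r)
                        for r in _as_list(stmt.get("Resource", [])))):
            return True
    return False

def audit(policy, bucket):
    """Return (missing, too_broad) action lists for the configured bucket."""
    def arn(name, action):
        # Object-level actions are evaluated against an object ARN, not the bucket ARN.
        suffix = "/probe/object" if action in OBJECT_ACTIONS else ""
        return f"arn:aws:s3:::{name}{suffix}"
    actions = BUCKET_ACTIONS + OBJECT_ACTIONS
    missing = [a for a in actions
               if a not in OPTIONAL and not allowed(policy, a, arn(bucket, a))]
    # A grant that also matches an unrelated bucket is wider than the list requires.
    too_broad = [a for a in actions
                 if allowed(policy, a, arn("unrelated-bucket-probe", a))]
    return missing, too_broad

def sample_policy(object_resource):
    """Constructed sample: bucket statement as on the page, object scope variable."""
    return {"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Action": BUCKET_ACTIONS,
         "Resource": ["arn:aws:s3:::bucket_name"]},
        {"Effect": "Allow", "Action": OBJECT_ACTIONS,
         "Resource": [object_resource]}]}
```

Calling `audit(sample_policy("arn:aws:s3:::bucket_name"), "bucket_name")` reports every object-level action as missing, because a bucket ARN does not cover the objects inside the bucket.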
Sample of IAM policy
Below is a sample of the IAM policy implementing the above permissions:
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "Stmt1394143726000",
      "Effect": "Allow",
      "Action": [
        "s3:ListAllMyBuckets"
      ],
      "Resource": [
        "arn:aws:s3:::*"
      ]
    },
    {
      "Sid": "Stmt1394143742000",
      "Effect": "Allow",
      "Action": [
        "s3:CreateBucket",
        "s3:GetBucketLocation",
        "s3:ListBucket",
        "s3:ListBucketMultipartUploads",
        "s3:GetLifecycleConfiguration",
        "s3:PutLifecycleConfiguration"
      ],
      "Resource": [
        "arn:aws:s3:::bucket_name"
      ]
    },