Managing S3 access keys

Each user of an S3 tenant account must have an access key to store and retrieve objects on the StorageGRID Webscale system. An access key consists of an access key ID and a secret access key.

About this task

S3 access keys can be managed as follows:

  • Users who have the Manage Your Own S3 Credentials permission can create or remove their own S3 access keys.
  • Users who have the Root Access permission can manage the access keys for the S3 root account, and all other users. Root access keys provide also provide full access to the tenant’s buckets and objects unless explicitly disabled by a bucket policy.

StorageGRID Webscale supports Signature Version 2 and Signature Version 4 authentication. Cross-account access is not permitted unless explicitly enabled by a bucket policy.