Understanding tenant accounts

A tenant account allows clients that use the Simple Storage Service (S3) protocol or the Swift protocol to store and retrieve objects on a StorageGRID Webscale system.

Each tenant account supports the use of a single protocol, which is specified by the grid administrator at the time that the account is created. To store and retrieve objects to a StorageGRID Webscale system with both protocols, you would require two tenant accounts: one for Swift containers and objects and one for S3 buckets and objects. Each tenant account has its own unique account ID, Tenant Management Interface, federated or local groups and users, and containers (buckets for S3) and objects.

Optionally, you could choose to have different tenant accounts on a StorageGRID Webscale system to segregate stored objects by different entities. For example, a StorageGRID Webscale system might use multiple tenant accounts in either of these use cases:
Storage tenant accounts are created by a StorageGRID Webscale grid administrator using the Grid Management Interface (either the user interface or the API). When creating a tenant account, the grid administrator specifies the following information:

As soon as the tenant account has been created, you can sign into the Tenant Management Interface to monitor storage usage and to set up identity federation, groups, and users. After users have been set up, S3 client users will also use the Tenant Management Interface to create and manage the access keys needed to store and retrieve objects on the StorageGRID Webscale system.

This guide provides instructions for using the Tenant Management Interface. For information about creating storage tenant accounts, see the Administrator Guide.