An S3 tenant account is required before S3 API clients can store and retrieve objects on StorageGRID Webscale. Each tenant account has its own account ID, groups and users, and containers and objects.
S3 tenant accounts are created by a
StorageGRID Webscale grid administrator using
the Grid Manager or the Grid Management API. When creating an S3 tenant account, the grid administrator specifies the following information:
- Display name for the tenant (the tenant's account ID is assigned automatically and cannot be changed)
- Initial password for the tenant account’s root user
- Whether the tenant will use its own identity source or share the grid's identity source
- Whether the use of platform services will be allowed for the account
- Optionally, a storage quota for the tenant account—the maximum number of gigabytes, terabytes, or petabytes
available for the tenant's objects. A tenant's storage quota represents a logical amount (object size), not a physical amount (size on disk).
After an S3 tenant account is created, tenant users can access the
Tenant Manager to perform tasks such as the following:
- Setting up identity federation (unless the identity source is shared with the grid), or creating local groups and users
- Managing S3 access keys
- Creating and managing S3 buckets
- Using platform services (if enabled)
- Monitoring storage usage
Attention: S3 tenant users can create and manage S3 buckets with the Tenant Manager, but they must have S3 access keys and use the S3 REST API to ingest and manage objects.