Skip to main content
A newer release of this product is available.

Update an S3 user configuration

Contributors

PATCH /protocols/s3/services/{svm.uuid}/users/{name}

Introduced In: 9.7

Updates the S3 user configuration of an SVM.

Important notes

  • User access_key and secret_key pair can be regenerated using the PATCH operation.

  • User access_key and secret_key is returned in a PATCH operation if the "regenerate_keys" field is specified as true.

  • If "regenerate_keys" is true and user keys have expiry configuration, then "key_expiry_time" is also returned as part of response.

  • User access_key and secret_key pair can be deleted using the PATCH operation.

  • regenerate_keys - Specifies if secret_key and access_key need to be regenerated.

  • delete_keys - Specifies if secret_key and access_key need to be deleted.

  • comment - Any information related to the S3 user.

  • vserver object-store-server user show

  • vserver object-store-server user regenerate-keys

  • vserver object-store-server user delete-keys

Parameters

Name Type In Required Description

name

string

path

True

User name

regenerate_keys

boolean

query

False

Specifies whether or not to regenerate the user keys.

  • Default value:

delete_keys

boolean

query

False

Specifies whether or not to delete the user keys.

  • Introduced in: 9.14

  • Default value:

svm.uuid

string

path

True

UUID of the SVM to which this object belongs.

Request Body

Name Type Description

access_key

string

Specifies the access key for the user.

comment

string

Can contain any additional information about the user being created or modified.

key_expiry_time

string

Specifies the date and time after which keys expire and are no longer valid.

key_time_to_live

string

Indicates the time period from when this parameter is specified:

  • when creating or modifying a user or

  • when the user keys were last regenerated, after which the user keys expire and are no longer valid.

  • Valid format is: 'PnDTnHnMnS|PnW'. For example, P2DT6H3M10S specifies a time period of 2 days, 6 hours, 3 minutes, and 10 seconds.

  • If the value specified is '0' seconds, then the keys won't expire.

name

string

Specifies the name of the user. A user name length can range from 1 to 64 characters and can only contain the following combination of characters 0-9, A-Z, a-z, "_", "+", "=", ",", ".","@", and "-".

svm

svm

SVM, applies only to SVM-scoped objects.

Example request
{
  "access_key": "HJAKU28M3SXTE2UXUACV",
  "comment": "S3 user",
  "key_expiry_time": "2024-01-01 00:00:00 +0000",
  "key_time_to_live": "PT6H3M",
  "name": "user-1",
  "svm": {
    "_links": {
      "self": {
        "href": "/api/resourcelink"
      }
    },
    "name": "svm1",
    "uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
  }
}

Response

Status: 200, Ok
Name Type Description

num_records

integer

Number of records

records

array[s3_service_user_post_response]

Example response
{
  "num_records": 1,
  "records": [
    {
      "_links": {
        "next": {
          "href": "/api/resourcelink"
        },
        "self": {
          "href": "/api/resourcelink"
        }
      },
      "access_key": "HJAKU28M3SXTE2UXUACV",
      "name": "user-1",
      "secret_key": "BcA_HX6If458llhnx3n1TCO3mg4roCXG0ddYf_cJ"
    }
  ]
}

Error

Status: Default

ONTAP Error Response Codes

Error Code Description

92405792

Failed to regenerate access-key and secret-key for user.

92406082

Cannot perform "regenerate_keys" and "delete_keys" operations simultaneously on an S3 user.

92406081

The "regenerate_keys" operation on S3 User "user-2" in SVM "vs1" succeeded. However, modifying all of the other S3 user properties failed. Reason: resource limit exceeded. Retry the operation again without specifying the "regenerate_keys" parameter.

92406080

Cannot delete root user keys because there exists at least one S3 SnapMirror relationship that is using these keys.

92406083

The maximum supported value for user key expiry configuration is "1095" days.

92406088

The "key_time_to_live" parameter can only be used when the "regenerate_keys" operation is performed.

92406096

The user does not have permission to access the requested resource \"{0}\".

92406097

Internal error. The operation configuration is not correct.

Name Type Description

error

returned_error

Example error
{
  "error": {
    "arguments": [
      {
        "code": "string",
        "message": "string"
      }
    ],
    "code": "4",
    "message": "entry doesn't exist",
    "target": "uuid"
  }
}

Definitions

See Definitions

href

Name Type Description

href

string

Name Type Description

self

href

svm

SVM, applies only to SVM-scoped objects.

Name Type Description

_links

_links

name

string

The name of the SVM. This field cannot be specified in a PATCH method.

uuid

string

The unique identifier of the SVM. This field cannot be specified in a PATCH method.

s3_user

This is a container of S3 users.

Name Type Description

access_key

string

Specifies the access key for the user.

comment

string

Can contain any additional information about the user being created or modified.

key_expiry_time

string

Specifies the date and time after which keys expire and are no longer valid.

key_time_to_live

string

Indicates the time period from when this parameter is specified:

  • when creating or modifying a user or

  • when the user keys were last regenerated, after which the user keys expire and are no longer valid.

  • Valid format is: 'PnDTnHnMnS|PnW'. For example, P2DT6H3M10S specifies a time period of 2 days, 6 hours, 3 minutes, and 10 seconds.

  • If the value specified is '0' seconds, then the keys won't expire.

name

string

Specifies the name of the user. A user name length can range from 1 to 64 characters and can only contain the following combination of characters 0-9, A-Z, a-z, "_", "+", "=", ",", ".","@", and "-".

svm

svm

SVM, applies only to SVM-scoped objects.

Name Type Description

next

href

self

href

s3_service_user_post_response

Name Type Description

_links

collection_links

access_key

string

Specifies the access key for the user.

name

string

The name of the user.

secret_key

string

Specifies the secret key for the user.

error_arguments

Name Type Description

code

string

Argument code

message

string

Message argument

returned_error

Name Type Description

arguments

array[error_arguments]

Message arguments

code

string

Error code

message

string

Error message

target

string

The target parameter that caused the error.