REST API reference
Update an S3 user configuration
Suggest changes
PDFs
PATCH /protocols/s3/services/{svm.uuid}/users/{name}
Introduced In: 9.7
Updates the S3 user configuration of an SVM.
Important notes
-
User access_key and secret_key pair can be regenerated using the PATCH operation.
-
User access_key and secret_key is returned in a PATCH operation if the "regenerate_keys" field is specified as true.
-
If "regenerate_keys" is true and user keys have expiry configuration, then "key_expiry_time" is also returned as part of response.
-
User access_key and secret_key pair can be deleted using the PATCH operation.
Recommended optional properties
-
regenerate_keys- Specifies if secret_key and access_key need to be regenerated. -
delete_keys- Specifies if secret_key and access_key need to be deleted. -
comment- Any information related to the S3 user.
Related ONTAP commands
-
vserver object-store-server user show -
vserver object-store-server user regenerate-keys -
vserver object-store-server user delete-keys
Learn more
Parameters
| Name | Type | In | Required | Description |
|---|---|---|---|---|
name |
string |
path |
True |
User name |
regenerate_keys |
boolean |
query |
False |
Specifies whether or not to regenerate the user keys.
|
delete_keys |
boolean |
query |
False |
Specifies whether or not to delete the user keys.
|
svm.uuid |
string |
path |
True |
UUID of the SVM to which this object belongs. |
Request Body
| Name | Type | Description |
|---|---|---|
access_key |
string |
Specifies the access key for the user. |
comment |
string |
Can contain any additional information about the user being created or modified. |
key_expiry_time |
string |
Specifies the date and time after which keys expire and are no longer valid. |
key_id |
integer |
Specifies the identifier of an S3 user key that needs to be generated or deleted. The key_id can either be '1' or '2'. |
key_time_to_live |
string |
Indicates the time period from when this parameter is specified:
|
keys |
array[keys] |
Specifies the keys associated with an S3 User. |
name |
string |
Specifies the name of the user. A user name length can range from 1 to 64 characters and can only contain the following combination of characters 0-9, A-Z, a-z, "_", "+", "=", ",", ".","@", and "-". |
svm |
SVM, applies only to SVM-scoped objects. |
Example request
{
"access_key": "HJAKU28M3SXTE2UXUACV",
"comment": "S3 user",
"key_expiry_time": "2023-12-31 19:00:00 -0500",
"key_id": 1,
"key_time_to_live": "PT6H3M",
"keys": [
{
"access_key": "HJAKU28M3SXTE2UXUACV",
"expiry_time": "2023-12-31 19:00:00 -0500",
"id": 1,
"time_to_live": "PT6H3M"
}
],
"name": "user-1",
"svm": {
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"name": "svm1",
"uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
}
}Response
Status: 200, Ok| Name | Type | Description |
|---|---|---|
num_records |
integer |
Number of records |
records |
Example response
{
"num_records": 1,
"records": [
{
"_links": {
"next": {
"href": "/api/resourcelink"
},
"self": {
"href": "/api/resourcelink"
}
},
"access_key": "HJAKU28M3SXTE2UXUACV",
"key_expiry_time": "2023-12-31 19:00:00 -0500",
"name": "user-1",
"secret_key": "BcA_HX6If458llhnx3n1TCO3mg4roCXG0ddYf_cJ"
}
]
}Error
Status: DefaultONTAP Error Response Codes
| Error Code | Description |
|---|---|
92405792 |
Failed to regenerate access-key and secret-key for user. |
92406082 |
|
Cannot perform "regenerate_keys" and "delete_keys" operations simultaneously on an S3 user. |
|
92406081 |
The "regenerate_keys" operation on S3 User "user-2" in SVM "vs1" succeeded. However, modifying all of the other S3 user properties failed. Reason: resource limit exceeded. Retry the operation again without specifying the "regenerate_keys" parameter. |
92406080 |
|
Cannot delete root user keys because there exists at least one S3 SnapMirror relationship that is using these keys. |
|
92406083 |
The maximum supported value for user key expiry configuration is "1095" days. |
92406088 |
|
The "key_time_to_live" parameter can only be used when the "regenerate_keys" operation is performed. |
|
92406096 |
The user does not have permission to access the requested resource "{0}". |
92406097 |
|
Internal error. The operation configuration is not correct. |
|
92406108 |
The "key_id" field must be used with either the "regenerate_keys" or "delete_keys" operation. |
92406196 |
The specified value for the "key_time_to_live" field cannot be greater than the maximum limit specified for the "max_key_time_to_live" field in the object store server. |
92406197 |
| Name | Type | Description |
|---|---|---|
error |
Example error
{
"error": {
"arguments": [
{
"code": "string",
"message": "string"
}
],
"code": "4",
"message": "entry doesn't exist",
"target": "uuid"
}
}Definitions
See Definitions
keys
Specifies a key associated with an S3 user. At most only two keys can be associated with a user.
| Name | Type | Description |
|---|---|---|
access_key |
string |
Specifies the access key for the user. |
expiry_time |
string |
Specifies the date and time after which keys expire and are no longer valid. |
id |
integer |
Specifies an S3 user key identifier. Each user can only have a maximum of two keys. The key_id can either be '1' or '2'. |
time_to_live |
string |
Indicates the time period from when this parameter is specified:
|
href
| Name | Type | Description |
|---|---|---|
href |
string |
_links
| Name | Type | Description |
|---|---|---|
self |
svm
SVM, applies only to SVM-scoped objects.
| Name | Type | Description |
|---|---|---|
_links |
||
name |
string |
The name of the SVM. This field cannot be specified in a PATCH method. |
uuid |
string |
The unique identifier of the SVM. This field cannot be specified in a PATCH method. |
s3_user
This is a container of S3 users.
| Name | Type | Description |
|---|---|---|
access_key |
string |
Specifies the access key for the user. |
comment |
string |
Can contain any additional information about the user being created or modified. |
key_expiry_time |
string |
Specifies the date and time after which keys expire and are no longer valid. |
key_id |
integer |
Specifies the identifier of an S3 user key that needs to be generated or deleted. The key_id can either be '1' or '2'. |
key_time_to_live |
string |
Indicates the time period from when this parameter is specified:
|
keys |
array[keys] |
Specifies the keys associated with an S3 User. |
name |
string |
Specifies the name of the user. A user name length can range from 1 to 64 characters and can only contain the following combination of characters 0-9, A-Z, a-z, "_", "+", "=", ",", ".","@", and "-". |
svm |
SVM, applies only to SVM-scoped objects. |
collection_links
| Name | Type | Description |
|---|---|---|
next |
||
self |
s3_service_user_post_response
| Name | Type | Description |
|---|---|---|
_links |
||
access_key |
string |
Specifies the access key for the user. |
key_expiry_time |
string |
Specifies the date and time after which the keys expire and are no longer valid. |
name |
string |
The name of the user. |
secret_key |
string |
Specifies the secret key for the user. |
error_arguments
| Name | Type | Description |
|---|---|---|
code |
string |
Argument code |
message |
string |
Message argument |
returned_error
| Name | Type | Description |
|---|---|---|
arguments |
array[error_arguments] |
Message arguments |
code |
string |
Error code |
message |
string |
Error message |
target |
string |
The target parameter that caused the error. |