Update an S3 user configuration
PATCH /protocols/s3/services/{svm.uuid}/users/{name}
Introduced In: 9.7
Updates the S3 user configuration of an SVM.
Important notes
-
User access_key and secret_key pair can be regenerated using the PATCH operation.
-
User access_key and secret_key is returned in a PATCH operation if the "regenerate_keys" field is specified as true.
-
If "regenerate_keys" is true and user keys have expiry configuration, then "key_expiry_time" is also returned as part of response.
-
User access_key and secret_key pair can be deleted using the PATCH operation.
Recommended optional properties
-
regenerate_keys
- Specifies if secret_key and access_key need to be regenerated. -
delete_keys
- Specifies if secret_key and access_key need to be deleted. -
comment
- Any information related to the S3 user.
Related ONTAP commands
-
vserver object-store-server user show
-
vserver object-store-server user regenerate-keys
-
vserver object-store-server user delete-keys
Learn more
Parameters
Name | Type | In | Required | Description |
---|---|---|---|---|
name |
string |
path |
True |
User name |
regenerate_keys |
boolean |
query |
False |
Specifies whether or not to regenerate the user keys.
|
delete_keys |
boolean |
query |
False |
Specifies whether or not to delete the user keys.
|
svm.uuid |
string |
path |
True |
UUID of the SVM to which this object belongs. |
Request Body
Name | Type | Description |
---|---|---|
access_key |
string |
Specifies the access key for the user. |
comment |
string |
Can contain any additional information about the user being created or modified. |
key_expiry_time |
string |
Specifies the date and time after which keys expire and are no longer valid. |
key_id |
integer |
Specifies the identifier of an S3 user key that needs to be generated or deleted. The key_id can either be '1' or '2'. |
key_time_to_live |
string |
Indicates the time period from when this parameter is specified:
|
keys |
array[keys] |
Specifies the keys associated with an S3 User. |
name |
string |
Specifies the name of the user. A user name length can range from 1 to 64 characters and can only contain the following combination of characters 0-9, A-Z, a-z, "_", "+", "=", ",", ".","@", and "-". |
svm |
SVM, applies only to SVM-scoped objects. |
Example request
{
"access_key": "HJAKU28M3SXTE2UXUACV",
"comment": "S3 user",
"key_expiry_time": "2023-12-31 19:00:00 -0500",
"key_id": 1,
"key_time_to_live": "PT6H3M",
"keys": [
{
"access_key": "HJAKU28M3SXTE2UXUACV",
"expiry_time": "2023-12-31 19:00:00 -0500",
"id": 1,
"time_to_live": "PT6H3M"
}
],
"name": "user-1",
"svm": {
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"name": "svm1",
"uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
}
}
Response
Status: 200, Ok
Name | Type | Description |
---|---|---|
num_records |
integer |
Number of records |
records |
Example response
{
"num_records": 1,
"records": [
{
"_links": {
"next": {
"href": "/api/resourcelink"
},
"self": {
"href": "/api/resourcelink"
}
},
"access_key": "HJAKU28M3SXTE2UXUACV",
"key_expiry_time": "2023-12-31 19:00:00 -0500",
"name": "user-1",
"secret_key": "BcA_HX6If458llhnx3n1TCO3mg4roCXG0ddYf_cJ"
}
]
}
Error
Status: Default
ONTAP Error Response Codes
Error Code | Description |
---|---|
92405792 |
Failed to regenerate access-key and secret-key for user. |
92406082 |
|
Cannot perform "regenerate_keys" and "delete_keys" operations simultaneously on an S3 user. |
|
92406081 |
The "regenerate_keys" operation on S3 User "user-2" in SVM "vs1" succeeded. However, modifying all of the other S3 user properties failed. Reason: resource limit exceeded. Retry the operation again without specifying the "regenerate_keys" parameter. |
92406080 |
|
Cannot delete root user keys because there exists at least one S3 SnapMirror relationship that is using these keys. |
|
92406083 |
The maximum supported value for user key expiry configuration is "1095" days. |
92406088 |
|
The "key_time_to_live" parameter can only be used when the "regenerate_keys" operation is performed. |
|
92406096 |
The user does not have permission to access the requested resource "{0}". |
92406097 |
|
Internal error. The operation configuration is not correct. |
|
92406108 |
The "key_id" field must be used with either the "regenerate_keys" or "delete_keys" operation. |
92406196 |
The specified value for the "key_time_to_live" field cannot be greater than the maximum limit specified for the "max_key_time_to_live" field in the object store server. |
92406197 |
Name | Type | Description |
---|---|---|
error |
Example error
{
"error": {
"arguments": [
{
"code": "string",
"message": "string"
}
],
"code": "4",
"message": "entry doesn't exist",
"target": "uuid"
}
}
Definitions
See Definitions
keys
Specifies a key associated with an S3 user. At most only two keys can be associated with a user.
Name | Type | Description |
---|---|---|
access_key |
string |
Specifies the access key for the user. |
expiry_time |
string |
Specifies the date and time after which keys expire and are no longer valid. |
id |
integer |
Specifies an S3 user key identifier. Each user can only have a maximum of two keys. The key_id can either be '1' or '2'. |
time_to_live |
string |
Indicates the time period from when this parameter is specified:
|
href
Name | Type | Description |
---|---|---|
href |
string |
_links
Name | Type | Description |
---|---|---|
self |
svm
SVM, applies only to SVM-scoped objects.
Name | Type | Description |
---|---|---|
_links |
||
name |
string |
The name of the SVM. This field cannot be specified in a PATCH method. |
uuid |
string |
The unique identifier of the SVM. This field cannot be specified in a PATCH method. |
s3_user
This is a container of S3 users.
Name | Type | Description |
---|---|---|
access_key |
string |
Specifies the access key for the user. |
comment |
string |
Can contain any additional information about the user being created or modified. |
key_expiry_time |
string |
Specifies the date and time after which keys expire and are no longer valid. |
key_id |
integer |
Specifies the identifier of an S3 user key that needs to be generated or deleted. The key_id can either be '1' or '2'. |
key_time_to_live |
string |
Indicates the time period from when this parameter is specified:
|
keys |
array[keys] |
Specifies the keys associated with an S3 User. |
name |
string |
Specifies the name of the user. A user name length can range from 1 to 64 characters and can only contain the following combination of characters 0-9, A-Z, a-z, "_", "+", "=", ",", ".","@", and "-". |
svm |
SVM, applies only to SVM-scoped objects. |
collection_links
Name | Type | Description |
---|---|---|
next |
||
self |
s3_service_user_post_response
Name | Type | Description |
---|---|---|
_links |
||
access_key |
string |
Specifies the access key for the user. |
key_expiry_time |
string |
Specifies the date and time after which the keys expire and are no longer valid. |
name |
string |
The name of the user. |
secret_key |
string |
Specifies the secret key for the user. |
error_arguments
Name | Type | Description |
---|---|---|
code |
string |
Argument code |
message |