REST API reference
Update an S3 user configuration
Suggest changes
-
PDF of this doc site
Collection of separate PDF docs
Creating your file...
PATCH /protocols/s3/services/{svm.uuid}/users/{name}
Introduced In: 9.7
Updates the S3 user configuration of an SVM.
Important notes
-
User access_key and secret_key pair can be regenerated using the PATCH operation.
-
User access_key and secret_key is returned in a PATCH operation if the "regenerate_keys" field is specified as true.
-
If "regenerate_keys" is true and user keys have expiry configuration, then "key_expiry_time" is also returned as part of response.
-
User access_key and secret_key pair can be deleted using the PATCH operation.
Recommended optional properties
-
regenerate_keys- Specifies if secret_key and access_key need to be regenerated. -
delete_keys- Specifies if secret_key and access_key need to be deleted. -
comment- Any information related to the S3 user.
Related ONTAP commands
-
vserver object-store-server user show -
vserver object-store-server user regenerate-keys -
vserver object-store-server user delete-keys
Learn more
Parameters
| Name | Type | In | Required | Description |
|---|---|---|---|---|
name |
string |
path |
True |
User name |
regenerate_keys |
boolean |
query |
False |
Specifies whether or not to regenerate the user keys.
|
delete_keys |
boolean |
query |
False |
Specifies whether or not to delete the user keys.
|
svm.uuid |
string |
path |
True |
UUID of the SVM to which this object belongs. |
Request Body
| Name | Type | Description |
|---|---|---|
access_key |
string |
Specifies the access key for the user. |
comment |
string |
Can contain any additional information about the user being created or modified. |
key_expiry_time |
string |
Specifies the date and time after which keys expire and are no longer valid. |
key_time_to_live |
string |
Indicates the time period from when this parameter is specified:
|
name |
string |
Specifies the name of the user. A user name length can range from 1 to 64 characters and can only contain the following combination of characters 0-9, A-Z, a-z, "_", "+", "=", ",", ".","@", and "-". |
svm |
SVM, applies only to SVM-scoped objects. |
Example request
{
"access_key": "HJAKU28M3SXTE2UXUACV",
"comment": "S3 user",
"key_expiry_time": "2024-01-01 00:00:00 +0000",
"key_time_to_live": "PT6H3M",
"name": "user-1",
"svm": {
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"name": "svm1",
"uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
}
}Response
Status: 200, Ok| Name | Type | Description |
|---|---|---|
num_records |
integer |
Number of records |
records |
Example response
{
"num_records": 1,
"records": {
"_links": {
"next": {
"href": "/api/resourcelink"
},
"self": {
"href": "/api/resourcelink"
}
},
"access_key": "HJAKU28M3SXTE2UXUACV",
"name": "user-1",
"secret_key": "BcA_HX6If458llhnx3n1TCO3mg4roCXG0ddYf_cJ"
}
}Error
Status: DefaultONTAP Error Response Codes
| Error Code | Description |
|---|---|
92405792 |
Failed to regenerate access-key and secret-key for user. |
92406082 |
Cannot perform "regenerate_keys" and "delete_keys" operations simultaneously on an S3 user. |
92406081 |
The "regenerate_keys" operation on S3 User "user-2" in SVM "vs1" succeeded. However, modifying all of the other S3 user properties failed. Reason: resource limit exceeded. Retry the operation again without specifying the "regenerate_keys" parameter. |
92406080 |
Cannot delete root user keys because there exists at least one S3 SnapMirror relationship that is using these keys. |
92406083 |
The maximum supported value for user key expiry configuration is "1095" days. |
92406088 |
The "key_time_to_live" parameter can only be used when the "regenerate_keys" operation is performed. |
92406096 |
The user does not have permission to access the requested resource \"{0}\". |
92406097 |
Internal error. The operation configuration is not correct. |
| Name | Type | Description |
|---|---|---|
error |
Example error
{
"error": {
"arguments": {
"code": "string",
"message": "string"
},
"code": "4",
"message": "entry doesn't exist",
"target": "uuid"
}
}Definitions
See Definitions
href
| Name | Type | Description |
|---|---|---|
href |
string |
_links
| Name | Type | Description |
|---|---|---|
self |
svm
SVM, applies only to SVM-scoped objects.
| Name | Type | Description |
|---|---|---|
_links |
||
name |
string |
The name of the SVM. This field cannot be specified in a PATCH method. |
uuid |
string |
The unique identifier of the SVM. This field cannot be specified in a PATCH method. |
s3_user
This is a container of S3 users.
| Name | Type | Description |
|---|---|---|
access_key |
string |
Specifies the access key for the user. |
comment |
string |
Can contain any additional information about the user being created or modified. |
key_expiry_time |
string |
Specifies the date and time after which keys expire and are no longer valid. |
key_time_to_live |
string |
Indicates the time period from when this parameter is specified:
|
name |
string |
Specifies the name of the user. A user name length can range from 1 to 64 characters and can only contain the following combination of characters 0-9, A-Z, a-z, "_", "+", "=", ",", ".","@", and "-". |
svm |
SVM, applies only to SVM-scoped objects. |
collection_links
| Name | Type | Description |
|---|---|---|
next |
||
self |
s3_service_user_post_response
| Name | Type | Description |
|---|---|---|
_links |
||
access_key |
string |
Specifies the access key for the user. |
name |
string |
The name of the user. |
secret_key |
string |
Specifies the secret key for the user. |
error_arguments
| Name | Type | Description |
|---|---|---|
code |
string |
Argument code |
message |
string |
Message argument |
returned_error
| Name | Type | Description |
|---|---|---|
arguments |
array[error_arguments] |
Message arguments |
code |
string |
Error code |
message |
string |
Error message |
target |
string |
The target parameter that caused the error. |