Skip to main content

Manage S3 access keys: Overview

Contributors netapp-madkat netapp-lhalbert

Each user of an S3 tenant account must have an access key to store and retrieve objects in the StorageGRID system. An access key consists of an access key ID and a secret access key.

S3 access keys can be managed as follows:

  • Users who have the Manage your own S3 credentials permission can create or remove their own S3 access keys.

  • Users who have the Root access permission can manage the access keys for the S3 root account and all other users. Root access keys provide full access to all buckets and objects for the tenant unless explicitly disabled by a bucket policy.

StorageGRID supports Signature Version 2 and Signature Version 4 authentication. Cross-account access is not permitted unless explicitly enabled by a bucket policy.