Learn how to manage your identities and access your S3 Object Storage resources.
Requirements
- a Public Cloud project in your OVHcloud account
- access to your OVHcloud Control Panel
Instructions
Creating a user
From the OVHcloud Control Panel:
- Choose
Public Cloud
from the top navigation bar. - In the left-hand menu, click
Object Storage
. - Choose the
S3 users
tab. - Click
+ Add User
.
In the pop-up window, you can create a new user or select an existing user.
Select Create a new user
, provide a User description, and click Create
.
ObjectStore operator
or Administrator
role.Select Select an existing user
, select the user, and click Create
.
Once your user has been created, you will see the credentials:
...
button at the end of a user’s line, you can, among other things, download the Rclone configuration file, see the user’s secret key, and delete the user.
Manage access to a container via a profile
You can define access to your containers via pre-defined profiles.
From the My containers
tab, click on the more options ...
button at the end of your container line and then select Add a user to a container
from the drop-down menu.
Select the user to add to your container and click Next
.
Select the role of your user on your container and click on Confirm
.
Manage access to an object via a profile
You can also set access to your objects via pre-defined profiles.
Click the more options ...
button at the end of your object line and then select Add user to my object
from the drop-down menu.
Select the user and click Next
.
Select the access profile for this user and click Confirm
.
Advanced resource access management
You can refine your permissions by importing a JSON configuration file. To do this, go to the S3 Users
tab.
Click on the ...
at the end of your user’s line, then Import S3 Policy (JSON)
.
Download S3 Policy (JSON)
.Some examples of JSON configuration files:
Read/write access to a bucket and its objects
Read-only access to a bucket and its objects
Allow all operations on all project resources
Read/write access to all objects in a specific folder (/home/user2
) in a specific bucket (companybucket
)
List of supported actions
Action | Scope |
---|---|
s3:AbortMultipartUpload | Object |
s3:CreateBucket | Bucket |
s3:DeleteBucket | Bucket |
s3:DeleteObject | Object |
s3:GetBucketLocation | Bucket |
s3:GetObject | Object |
s3:ListBucket | Bucket |
s3:ListBucketMultipartUploads | Bucket |
s3:ListMultipartUploadParts | Object |
s3:PutObject | Object |
Go further
For more information and tutorials, please see our other Object Storage support guides or explore the guides for other OVHcloud products and services.
If you need training or technical assistance to implement our solutions, contact your sales representative or click on this link to get a quote and ask our Professional Services experts for a custom analysis of your project.