Configure S3 credentials for working with Ozone

For the users or client applications that use S3 APIs to access Ozone buckets, Ozone provides the AWS access key ID and AWS secret key. You can add the access key ID and secret key in the AWS config file for Ozone to ensure that a particular user or client application can get automatic access to the Ozone buckets.

The user or the client application accessing Ozone must be authenticated against your cluster's KDC.
  1. Display the access key ID and the secret key for a particular user or client application.
    ozone s3 getsecret
    The command communicates with Ozone, validates the user credentials through Kerberos, and generates the AWS credentials. These credentials are printed on the screen.
  2. Add the generated credentials to the AWS config file.
    The following example shows how you can add the credentials.
    aws configure set default.s3.signature_version s3v4
    aws configure set aws_access_key_id ${accessId}
    aws configure set aws_secret_access_key ${secret}
    aws configure set region us-west-1