Effective user and key management is essential for securing your S3 Vault. When creating an S3 Vault, you can select the user or user group that will have permissions to access the S3 Vault.
Associate Users
When setting up users for your S3 compatible apps, it is important to associate them with the appropriate roles and permissions to ensure they have the necessary access to perform their tasks.
S3 User Role
The S3 User Role is a predefined role that is automatically assigned to users and user groups. This role includes the following permissions:
- S3_putObject: Allows users to upload objects to the S3 bucket.
- S3_getObject: Allows users to download objects from the S3 bucket.
- S3_listBucket: Allows users to list the objects in the S3 bucket.
- S3_deleteObject: Allows users to delete objects from the S3 bucket.
By default, the S3 User Role is added to all users and user groups that are provided during S3 Vault creation, ensuring they have the necessary permissions to interact with the S3 bucket.
You can create custom roles by combining any Commvault permissions with S3 permissions, see Managing Roles.