Object users

Object users are users of the ECS object store. They access ECS through object clients that are using the object protocols that ECS supports (S3, EMC Atmos, OpenStack Swift, and CAS). Object users can be assigned Unix-style permissions to access buckets exported as file systems for HDFS.

A management user (System or Namespace Administrator) can create an object user. The management user defines a username and assigns a secret key to the object user when the user is created or at any time thereafter. A username can be a local name or a domain-style username that includes @ in the name. The object user uses the secret key to access the ECS object store. The secret key of object user is distributed by email or other means.

Users that are added to ECS as domain users can later add themselves as object users by creating their own secret key using the ECS self-service capability through a client that communicates with the ECS Management REST API. The object username that they are given is the same as their domain name. Object users do not have access to the ECS Portal. For more information about domain users, see the Domain and local users. For information about creating a secret key, see the ECS Data Access Guide, available from https://www.dell.com/support/.

Object users are global resources. An object user can have privileges to read and write buckets, and objects within the namespace to which they are assigned, from any VDC.

NOTE: Set the user scope before you create the first object user. Setting up user scope is a strict one time configuration. Once configured for an ECS system, user scope cannot be changed. If you want to change the user scope, ECS must be reinstalled and all the users, buckets, namespaces, and data must be cleaned up.
  • Refer User scope for more information about object users and user scope.
  • For more information about object user tasks, see the ECS Data Access Guide.