Registration command of the Storage Authentication Information (Amazon S3)

You can register the Storage Authentication Information for Amazon S3 to the Cloud Storage DB.

Registration command of the Storage Authentication Information

utls3infoadd [COMMON-OPTIONS] -t auth --id ID [AUTH-OPTIONS]

Parameter explanation

[COMMON-OPTIONS]

These options are common to all utilities.

-r, --replace

Replacement (optional)

This parameter overwrites the existing Storage Authentication Information.

If you try to overwrite the existing Storage Management Information without specifying this option, an error occurs.

Note

To overwrite the existing Storage Authentication Information, specify the value that is already set with the [AUTH-OPTIONS].

If the information that is already set is not specified again, it is overwritten with the value "Use the default value.".

-f, --force

Omission of confirmation (optional)

This parameter registers information without confirmation of the registered information.

When you specify the existing Storage Authentication Information, the information is overwritten even if you do not specify "-r" or "--replace".

When you omit it, a confirmation message is output before registration of the Storage Authentication Information.

Are you sure to register? [y/n]:

Input "y" or "Y" to register the Storage Authentication Information specified by the command.

Input other than "y" or "Y" ends in an error.

[REQUIRED]

These parameters cannot be omitted.

-t, --type auth

Type of information (mandatory)

auth:

Storage Authentication Information

--id ID

ID (mandatory)

This ID identifies the Storage Authentication Information.

Specify from 3 to 63 bytes of ASCII printable characters.

If you include single-byte spaces, "/", or "*", an error occurs.

[AUTH-OPTIONS]

These options set the Storage Authentication Information.

Note

  • If you specify "Enable IAM role (--enable-iam-role)", you cannot specify "AWS access key (--access-key KEY)", "AWS secret access key (--secret-access-key KEY)", and "Session token (--session-token TOKEN)".

    For details on the priority of use for "Authenticate IAM user" that uses an AWS access key and AWS secret access key and "Enable IAM role", refer to Storage Authentication Information settings.

    For details on the priority of use for "Temporary security credential authentication" that uses an AWS access key, AWS secret access key, and session token, and "Enable IAM role", refer to Storage Authentication Information settings.

  • You must specify "Switch role ARN (--switch-role-arn ARN)", "External ID (--external-id ID)", and "Role session name (--role-session-name NAME)" all at the same time.

    You cannot specify each value separately.

  • If you specify "Session token (--session-token TOKEN)", you must specify the following values at the same time:

    • AWS access key (-- access-key KEY)

    • AWS secret access key (--secret-access-key KEY)

--access-key KEY

AWS access key (optional)

This parameter specifies the access key associated with the AWS user who performs the upload or download in order to connect to Amazon Web Service.

Specify from 1 to 255 bytes of ASCII printable characters.

When you omit specification of this option, the value "Use the default value." is set. In this case, the value set in the default information is used during transfer.

--secret-access-key KEY

AWS secret access key (optional)

This parameter specifies the secret key (password) associated with the access key in order to connect to Amazon Web Service.

Specify from 1 to 255 bytes of ASCII printable characters.

When you omit specification of this option, the value "Use the default value." is set. In this case, the value set in the default information is used during transfer.

--session-token TOKEN

Session token (optional)

This parameter specifies the session token used with temporary security credentials in order to connect to Amazon Web Service.

Specify from 1 to 2048 bytes of ASCII printable characters.

If you specify "none", the session token is disabled.

When you omit specification of this option, the value "Use the default value." is set. In this case, the value set in the default information is used during transfer.

--enable-iam-role

Enable IAM role (optional)

If you install HULFT and HULFT Cloud Storage Option on Amazon EC2, specify whether to enable authentication with an IAM role attached to Amazon EC2.

When you specify this parameter, authentication with an IAM role is enabled. In this case, the authentication information for the IAM role attached to Amazon EC2 is used.

When you omit specification of this option, the value "Use the default value." is set. In this case, the value set in the default information is used during transfer.

= Remarks =

When you install HULFT and HULFT Cloud Storage Option in an environment other than Amazon EC2, if you enable the IAM role, transfer results in an error.

--switch-role-arn ARN

Switch role ARN (optional)

This parameter specifies Amazon Resource Name (ARN) of the IAM role to switch to.

Specify from 2 to 2048 bytes of ASCII printable characters.

If you specify "none", the switch role ARN is disabled and switching IAM roles is not performed.

When you omit specification of this option, the value "Use the default value." is set. In this case, the value set in the default information is used during transfer.

--external-id ID

External ID (optional)

This parameter specifies the external ID that is used when IAM roles are switched.

Specify from 2 to 2048 bytes of ASCII printable characters.

If you specify "none", the external ID is disabled.

When you omit specification of this option, the value "Use the default value." is set. In this case, the value set in the default information is used during transfer.

--role-session-name NAME

Role session name (optional)

This parameter specifies the role session name that is used when IAM roles are switched.

Specify from 2 to 255 bytes of ASCII printable characters.

If you specify "none", the role session name is disabled and either of the following fixed values is used during transfer:

  • For upload: HULFT-S3-Upload

  • For download: HULFT-S3-Download

When you omit specification of this option, the value "Use the default value." is set. In this case, the value set in the default information is used during transfer.

Supplement

  • As shown below, you can specify either with a space or an equals sign (=) between the parameter and the setting value.

      --parameter Value 
  --parameter=Value

  • If you specify "-h" or "--help" for the parameter, the usage is output.