Kvindo™ Cloud Docs
An S3 User is a programmatic identity for a single bucket. It is issued an access key / secret key pair that applications use to authenticate S3 API calls. What the user may do is defined by the Access Policies attached to it. S3 Users are separate from IAM Users and are meant for machine access only.
• Bucket — a user is scoped to one bucket (spec.bucketId)
• Access policies — the permissions granted, referenced by ID (spec.accessPolicyIds)
• Credentials — the generated status.accessKey and status.secretKey; store the secret securely, it authenticates every request
| UI Name | API / kc name | Terraform name | Optional | Format | Default | Is read only | Description |
|---|---|---|---|---|---|---|---|
| Bucket | spec.bucketId |
spec.bucket_id |
No | ULID — references an S3 Bucket | — | No | Bucket this user can access |
| Access policies | spec.accessPolicyIds |
spec.access_policy_ids |
Yes | list of ULIDs — reference Access Policies | — | No | Permissions granted to the user |
| Access key | status.accessKey |
status.access_key |
— | string | — | Yes | Public access key ID |
| Secret key | status.secretKey |
status.secret_key |
— | string (sensitive) | — | Yes | Secret access key; retrievable from status on every read |
A user granted an existing read/write policy on the assets bucket.
Terraform
Python SDK
kc CLI
Resource docs
Examples