ECS: CAS User and Bucket Administration Best Practices

ECS: CAS User and Bucket Administration Best Practices

It is recommended to administer a CAS deployment of ECS regarding CAS users and buckets as follows:
A management user must create a CAS bucket, set Object user as Owner, grant read Access Control List (ACL) permission to themselves, and set the default bucket for the Object user.

The following example and additional instructions can be found in the ECS Data Access Guide which can be found and downloaded here: https://www.dell.com/support/home/us/en/19/product-support/product/ecs-appliance-/docs

Example:
Create and set up a bucket for a CAS user.
In ECS, management users create buckets and become the bucket owners. For CAS, object users must be set up as bucket owners. Follow this procedure to properly set up a CAS bucket and make the CAS user the bucket owner. In this example, newcasadmin1 is a management user, newcasuser1 is a CAS object user, and newcasns1 is the namespace. The procedure assumes that the two users and namespace have been set up (Following the ECS Data Access Guide mentioned above).

Procedure:

1. Log in to the ECS Portal as newcasadmin1.

2. At the ECS Portal, select Manage > Bucket.

3. Choose a New Bucket.

4. Enter the fields as shown below:

   Field	Value
   Replication Group	Your replication group
   Set current user as Bucket Owner	Check
   CAS	On

5. Choose Save.

6. Select Manage > User.

7. Ensure that the Object User tab is active, search for newcasuser1 and choose Edit.

8. In Default Bucket, type newcasbucket1 and choose Set Bucket.

9. Choose Close.

10. Select Manage > Bucket.

11. Search for newcasbucket1 and choose Edit bucket.

12. In Bucket Owner, type newcasuser1.

13. Choose Save.

Set up a CAS object user:

When setting up an object user, CAS features can be assigned to the profile that make up the elements of a CAS profile. The resulting PEA file can then be viewed for use in CAS applications.

Procedure:

1. At the ECS Portal, select Manage > Users.

2. To edit the configuration of an existing object user, choose the Edit action associated with the user.

3. In the CAS area, type a password (secret) or choose Generate to have the portal create one for us.

4. Choose Set Password.

5. Choose Generate PEA File to generate the PEA file your application must authenticate to the CAS storage on ECS.

6. By setting a default bucket, every action the user takes that does not specify a bucket uses the specified default bucket. Type the name of the default bucket and choose Set Bucket.

7. Choose Add Attribute to add a metadata tag to the user.

8. Add the metadata tag name and value.
   See the CAS Software Development Kit (SDK) documentation for more information about metadata tags (https://support.emc.com/docu41503_Centera-SDK-3.3-Programmer's-Guide.pdf?language=en_US)

9. Choose Save Metadata.