diff --git a/docs/iam/create-access-key/1-get-started.webp b/docs/iam/create-access-key/1-get-started.webp new file mode 100644 index 00000000..7bd596e2 Binary files /dev/null and b/docs/iam/create-access-key/1-get-started.webp differ diff --git a/docs/iam/create-access-key/2-access-keys.webp b/docs/iam/create-access-key/2-access-keys.webp new file mode 100644 index 00000000..f4d9b4d1 Binary files /dev/null and b/docs/iam/create-access-key/2-access-keys.webp differ diff --git a/docs/iam/create-access-key/3-blank-form.webp b/docs/iam/create-access-key/3-blank-form.webp new file mode 100644 index 00000000..25273bde Binary files /dev/null and b/docs/iam/create-access-key/3-blank-form.webp differ diff --git a/docs/iam/create-access-key/4-filled-out-form.webp b/docs/iam/create-access-key/4-filled-out-form.webp new file mode 100644 index 00000000..3366c811 Binary files /dev/null and b/docs/iam/create-access-key/4-filled-out-form.webp differ diff --git a/docs/iam/create-access-key/5-creds.webp b/docs/iam/create-access-key/5-creds.webp new file mode 100644 index 00000000..22db36a4 Binary files /dev/null and b/docs/iam/create-access-key/5-creds.webp differ diff --git a/docs/iam/create-access-key/index.mdx b/docs/iam/create-access-key/index.mdx new file mode 100644 index 00000000..15c410cb --- /dev/null +++ b/docs/iam/create-access-key/index.mdx @@ -0,0 +1,35 @@ +# Creating an Access Key + +Clients need access keys to store files on Tigris. You can mint new access keys +from the [Tigris Dashboard](https://console.tigris.dev). + +First, go to the [Tigris Dashboard](https://console.tigris.dev). + +![](./1-get-started.webp) + +Click on Access Keys in the left-hand menu. + +![](./2-access-keys.webp) + +Click on the Create New Access Key button. + +![](./3-blank-form.webp) + +Give the key a name and assign the desired permissions. If you're unsure, you +can always come back and edit the permissions later. Some common permissions to +give: + +- Admin access for your developer machine (not recommended for production) +- Read-only access to all buckets +- Editor access to a specific bucket or set of buckets (such as a bucket for a + specific project or service) + +![](./4-filled-out-form.webp) + +Click Create. + +![](./5-creds.webp) + +Copy the credentials to your notes or password manager. You will not be able to +see them again. Then you can use them with +[the AWS S3 SDK and CLI](/docs/sdks/s3/) or any other S3 compatible system. diff --git a/docs/iam/index.md b/docs/iam/index.md index 56a9fec5..4df8a31f 100644 --- a/docs/iam/index.md +++ b/docs/iam/index.md @@ -13,12 +13,12 @@ Because Tigris is S3-compatible, you can continue to use existing AWS S3 IAM policies, CLIs, SDKs, and libraries with Tigris. Custom IAM policies must be defined and set using the AWS CLI, configured with Tigris credentials. -# How to create and attach an IAM policy +## How to create and attach an IAM policy Policies are attached to access keys. If you delete and recreate an access key, you'll need to attach IAM policies to the new access key. -## Create an Access Key +### Create an Access Key - Go to the [Tigris Dashboard](https://console.tigris.dev). - Click on the `Access Keys` tab. @@ -31,7 +31,7 @@ you'll need to attach IAM policies to the new access key. - Ensure your IAM endpoint URL points to Tigris: `AWS_ENDPOINT_URL_IAM=https://fly.iam.storage.tigris.dev` -## Create an IAM Policy +### Create an IAM Policy Let's create an IAM policy and attach it to an access key. Here's an example IAM policy. You'll need to save it as a `.json` file. @@ -71,7 +71,7 @@ aws iam create-policy --policy-name --pol Note the ARN of the policy. -## Attach IAM Policy +### Attach IAM Policy Once you've created an IAM Policy, you can attach it to users using the `IAM:AttachUserPolicy` operation: diff --git a/sidebars.js b/sidebars.js index 1ac0d786..25a72387 100644 --- a/sidebars.js +++ b/sidebars.js @@ -84,6 +84,7 @@ const sidebars = { label: "IAM", items: [ "iam/index", + "iam/create-access-key/index", "iam/limited-access-key", "iam/ip-restrictions", "iam/date-time-restrictions",