Creating Access Keys in the Cluster Manager

The cluster connects to S3 storage using access keys, which provide a more secure and flexible alternative to authenticating with the Aspera node user or system user. For more information about access keys, see Access Key Overview.

In the Cluster Manager, click the cluster you want to configure. In the cluster details, click the Access Keys tab.
Click New to create a new access key.
Name your access key.
Enter the Aspera Customer ID and Aspera Entitlement ID into their respective fields.
Choose Amazon S3 as the storage.
Enter the cloud storage credentials and options.
1. Enter the name of your S3 bucket in the Bucket field.
2. Enter the path for the directory of the bucket you want to grant access to. The path must not be empty. Enter "/" if you want to access the entire bucket.
3. Enter the cloud storage endpoint. The default is s3.amazonaws.com.
4. Select Assume Role under Credentials and enter the ARN of the atc-s3-access-keys role: arn:aws:iam::your_aws_account_id:role/atc-s3.
5. You must also enter the external ID if you are accessing the S3 buckets of a separate AWS account. For more information, see Creating an IAM Role for S3 Access to a Separate AWS Account.
6. Enter an optional session name. For more information, see the RoleSessionName section in the "AssumeRole" topic at http://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html on the AWS website.
7. Enter your Access Key ID and Secret Access Key.
  
  Note: I f left blank, the Cluster Manager uses the default value "assumed-atcm".
Click Create.

The new access key is added to the list of access keys with the state PENDING. If the cluster nodes can access the specified storage location successfully, the state turns to SYNCHRONIZED. Otherwise, the state turns to ERROR and the corresponding error message is displayed.