Creating Access Keys in the Cluster Manager

Aspera clients connect to cluster nodes using access keys, which provide a more secure and flexible alternative to authenticating with the Aspera node user or system user. For more information about access keys, see Access Key Overview.
  1. On the ATC Manager Clusters page, click the cluster you want to configure. In the cluster details, click the Access Keys tab.
  2. Click New to create a new access key.
  3. Name your access key.
    Naming your keys with a descriptive name can help you keep track if you create multiple access keys for the same storage.
  4. In the License section, enter the Aspera Customer ID and Aspera Entitlement ID into their respective fields.
  5. In the Storage section, select your storage type (Amazon S3).
  6. Enter the cloud storage credentials and options.
    1. Bucket: Enter the name of your S3 bucket.
    2. Path: Enter the path of the directory in the bucket to which you want to grant access.
      The path must not be empty. Enter "/" if you want to access the entire bucket.
    3. Endpoint: Enter the cloud storage endpoint.
      The default is s3.amazonaws.com.
    4. Storage Class: Select the storage class of your bucket.
    5. Server-side encryption: Select a server-side encryption option.
      If you select KMS, enter the Encryption Key ID. To retrieve your encryption key ID, in the AWS Console go to IAM > Encryption Keys and copy the Key ID for aws/s3.
      Note: To use a specific KMS key, you must access your AWS console and create a key using the AWS IAM role console. For instructions on creating keys for KMS, see AWS Key Management Service Developer Guide: Creating Keys at https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html.
    6. Credentials: Select how you want to authenticate to the storage.
    7. To authenticate with an Assume Role:
    8. To authenticate with an Access Key: Enter your AWS Access Key ID and Secret Access Key.
      Note: If the Access Key fields are left blank, ATC Manager uses the default value "assumed-atcm".
  7. Click Create.

The new access key is added to the list of access keys with the state PENDING. If the cluster nodes can access the specified storage location successfully, the state turns to SYNCHRONIZED. Otherwise, the state turns to ERROR and the corresponding error message is displayed.