|Configuring for the Cloud|
If you are using IBM Aspera Files or Aspera On Demand with Console to transfer files to and from cloud storage, you must configure a docroot restriction on your cloud-based transfer server instead of a docroot absolute path. A configuration with both a docroot absolute path (docrooted user) and a restriction is not supported.
The primary purpose of restrictions is to allow access to certain storage (for example, Amazon S3) for clients that have their own storage credentials. A docroot restriction limits the files a client is allowed to access for browsing and transfers. Files are rejected unless they match any restrictions that are present.
Restrictions work for URI paths and are processed in the following order:
Restriction syntax is specific to the storage:
|Storage Type||Format Example|
|S3 and IBM Cloud Object Storage (Cleversafe)||s3://*|
To add a restriction, follow these steps:
To add a restriction for a user, for example the Files system user xfer restricted to \s3://*, run the following command:
# asconfigurator -x "set_user_data;user_name,xfer;file_restriction,\s3://*"
To add a restriction that applies to all users, such as \s3://*, run the following command:
# asconfigurator -x "set_node_data;file_restriction,\s3://*"
# /opt/aspera/bin/asuserdata -v
<paths> <path> <restrictions> <restriction>s3://*</restriction> </restrictions> </path> </paths>