Create a sub-access key to a cloud storage folder

Edit online

As an administrator with the primary access key, you can generate sub-access key/secret pairs to use as transfer and access credentials for a folder in your cloud storage.

Use sub-access keys to delegate certain administrative tasks and contextual content access to another AoC admin or to a workspace manager without having to distribute the primary access key.

Note that these credentials are a separate access method from the permission you set on a shared folder. The permissions you set on a shared folder do not restrict actions on folder content when using the access key.

Also note that the sub-access keys you create using the procedure in this article are for use only within Aspera on Cloud. Be sure to use the proper key type to avoid security implications. For details see Primary access keys and sub-access keys.

  1. Go to Nodes and storage > Nodes > nodeName
  2. Provide access credentials and log in, using either of these methods:
    • Enter the secret for the node hosting this shared folder and click Log in.
    • If you have a custom access key, click Use custom access key, enter the custom access key and secret, and click Log in.

    AoC creates the new access key for the shared folder.

  3. Click Folder access keys > Create new.
  4. Select the intended folder:
    1. Click any folder to drill into it.
    2. Click Create folder at any location to make a new folder; name the folder, choosing a name that will be descriptive enough for those who will need to access it. Click OK.
    3. Use the gray bar near the folder list to navigate up and down the folder hierarchy.
    4. Click to select the option button to the left of the folder row, then click Create.
  5. Give this key a name and provide notes to add a description, purpose, expected use, or other info that will be useful to those using this key.

    This step is optional but highly recommended to make key management and use easier. If you add a name and notes, they'll be included in the file you download in a following step. If you are creating multiple access keys to the same storage for different users or groups of users, make the name descriptive enough to tell them apart.

  6. Save the access key by doing one of the following:
    • Click Download. AoC generates the file KeySecretPair.txt, containing the key and secret. Aspera recommends you rename the file to make it easier to track, and save it to a secure and accessible location.
    • Click Copy for both key and secret, saving them to a secure and accessible location.
      Note: Aspera on Cloud does not store the secret. Once you click OK in the following step, you can no longer retrieve the secret. Store the key and secret in a secure and accessible location according to local site security practices.
  7. Click OK.
  8. Name the key pair file and click Save.
  9. To use this key to set up a connection to this folder in the Aspera GUI client, note the node URL.
  10. Deliver the key pair file to the user of the client according to your local site security practice.

Delete a folder sub-access key

To delete a sub-access key to a folder in cloud storage, do the following:
  1. Go to Nodes and storage > Nodes > nodeName.
  2. Provide access credentials and log in, using either of these methods:
    • Enter the secret for the node hosting this shared folder and click Log in.
    • If you have a custom access key, click Use custom access key, enter the custom access key and secret, and click Log in.

    AoC creates the new access key for the shared folder.

  3. Click Folder access keys.
  4. Right-click the row of the intended folder and select Manage access keys.
  5. Right-click Delete, then confirm deletion.