Regenerating the S3 credentials for the accounts

Change and rotate your Multicloud Object Gateway (MCG) account credentials by regenerating the S3 credentials for the accounts.

Procedure

  1. Get the account name.
    • For listing the accounts, run the following command:
      noobaa account list
      Example output:
      NAME           ALLOWED_BUCKETS   DEFAULT_RESOURCE               PHASE   AGE
      account-test   [*]               noobaa-default-backing-store   Ready   14m17s
      test2          [first.bucket]    noobaa-default-backing-store   Ready   3m12s
    • Alternatively, run the oc get noobaaaccount command from the terminal:
      oc get noobaaaccount
      Example output:
      NAME           PHASE   AGE
      account-test   Ready   15m
      test2          Ready   3m59s
  2. To regenerate the noobaa account S3 credentials, run the following command:
    noobaa account regenerate <noobaa_account_name> [options]
    noobaa account regenerate
    FATA[0000] ❌ Missing expected arguments: <noobaa-account-name>
    
    Usage:
        noobaa account regenerate <noobaa-account-name> [flags] [options]
    
    Use "noobaa options" for a list of global command-line options (applies to all commands).
  3. Once you run the noobaa account regenerate command it prompts the This will invalidate all connections between S3 clients and NooBaa which are connected using the current credentials. warning and asks for confirmation.
    Example:
    noobaa account regenerate account-test
    Example output:
    INFO[0000] You are about to regenerate an account's security credentials.
    INFO[0000] This will invalidate all connections between S3 clients and NooBaa which are connected using the current credentials.
    INFO[0000] are you sure? y/n
    After approving, the credentials are regenerated and eventually printed.
    INFO[0015] ✅ Exists: Secret "noobaa-account-account-test"
    Connection info:
    AWS_ACCESS_KEY_ID      : ***
    AWS_SECRET_ACCESS_KEY  : ***