Regenerating the S3 credentials for the OBC
Change and rotate your Multicloud Object Gateway (MCG) account credentials by regenerating the S3 credentials for the OBC.
Procedure
- Get the OBC name.
- Run the noobaa obc list
command
noobaa obc list
Example output:NAMESPACE NAME BUCKET-NAME STORAGE-CLASS BUCKET-CLASS PHASE default obc-test obc-test-35800e50-8978-461f-b7e0-7793080e26ba default.noobaa.io noobaa-default-bucket-class Bound
- Run the oc get obc command from the
terminal.
oc get obc
Example output:NAME STORAGE-CLASS PHASE AGE obc-test default.noobaa.io Bound 38s
- Run the noobaa obc list
command
- To regenerate the noobaa OBC S3 credentials, run the following command:
noobaa obc regenerate <bucket_claim_name> [options]
noobaa obc regenerate FATA[0000] ❌ Missing expected arguments: <bucket-claim-name> Usage: noobaa obc regenerate <bucket-claim-name> [flags] [options] Use "noobaa options" for a list of global command-line options (applies to all commands).
- Once you run the
noobaa obc regenerate
command it prompts the This will invalidate all connections between S3 clients and NooBaa which are connected using the current credentials. warning and asks for confirmation.Example:
noobaa obc regenerate obc-test
Example output:INFO[0000] You are about to regenerate an OBC's security credentials. INFO[0000] This will invalidate all connections between S3 clients and NooBaa which are connected using the current credentials. INFO[0000] are you sure? y/n
After approving, the credentials are regenerated and eventually printed.INFO[0022] ✅ RPC: bucket.read_bucket() Response OK: took 95.4ms ObjectBucketClaim info: Phase : Bound ObjectBucketClaim : kubectl get -n default objectbucketclaim obc-test ConfigMap : kubectl get -n default configmap obc-test Secret : kubectl get -n default secret obc-test ObjectBucket : kubectl get objectbucket obc-default-obc-test StorageClass : kubectl get storageclass default.noobaa.io BucketClass : kubectl get -n default bucketclass noobaa-default-bucket-class Connection info: BUCKET_HOST : s3.default.svc BUCKET_NAME : obc-test-35800e50-8978-461f-b7e0-7793080e26ba BUCKET_PORT : 443 AWS_ACCESS_KEY_ID : *** AWS_SECRET_ACCESS_KEY : *** Shell commands: AWS S3 Alias : alias s3='AWS_ACCESS_KEY_ID=*** AWS_SECRET_ACCESS_KEY=*** aws s3 --no-verify-ssl --endpoint-url ***' Bucket status: Name : obc-test-35800e50-8978-461f-b7e0-7793080e26ba Type : REGULAR Mode : OPTIMAL ResiliencyStatus : OPTIMAL QuotaStatus : QUOTA_NOT_SET Num Objects : 0 Data Size : 0.000 B Data Size Reduced : 0.000 B Data Space Avail : 13.261 GB Num Objects Avail : 9007199254740991