AWS Storage Gateway: access control, authentication and clients
A customer has just started using AWS Storage Gateway (File Gateway - NFS), and they have some specific questions:
- How can you restrict access to specific files / folders when using NFS? I am aware of this mechanism: are there any alternatives?
- Are there any clients or web UIs that you could use to interact with file stored in the file share, or is mounting the file share on an OS the only option?
- Are there any ways to restrict the possibility of mounting/accessing the file share in addition to IP-based filtering? Can you enable any sort of authentication mechanism?
- Más nuevo
- Más votos
- Más comentarios
-
AWS Storage Gateway (File Gateway - NFS) provides a standard NFS filesystem and it relies on standard unix permissions as mentioned here: https://docs.aws.amazon.com/storagegateway/latest/userguide/managing-gateway-file.html#edit-metadata-defaults
-
There is no web UI to go through the file share. One option would be to use the S3 console or any other S3-compatible GUI, but beware such GUI would not maintain file metadata that File Gateway uses to store UNIX permissions (as mentioned in 1.) and could break desired permissions.
-
AWS Storage Gateway (File Gateway - NFS) only provided IP based filtering for NFS accesses, as mentioned here: https://docs.aws.amazon.com/storagegateway/latest/userguide/managing-gateway-file.html#edit-nfs-client
AWS Storage Gateway (File Gateway - SMB) has more possibilities on these topics, it may be worth considering it depending on the type of file share clients they have.
Contenido relevante
OFICIAL DE AWSActualizada hace 2 años- ¿Cómo puedo solucionar problemas de rendimiento lento al copiar archivos locales en Storage Gateway?OFICIAL DE AWSActualizada hace 2 años
- OFICIAL DE AWSActualizada hace 2 años
- OFICIAL DE AWSActualizada hace 10 meses