AWS Storage Gateway: access control, authentication and clients
A customer has just started using AWS Storage Gateway (File Gateway - NFS), and they have some specific questions:
- How can you restrict access to specific files / folders when using NFS? I am aware of this mechanism: are there any alternatives?
- Are there any clients or web UIs that you could use to interact with file stored in the file share, or is mounting the file share on an OS the only option?
- Are there any ways to restrict the possibility of mounting/accessing the file share in addition to IP-based filtering? Can you enable any sort of authentication mechanism?
- 新しい順
- 投票が多い順
- コメントが多い順
-
AWS Storage Gateway (File Gateway - NFS) provides a standard NFS filesystem and it relies on standard unix permissions as mentioned here: https://docs.aws.amazon.com/storagegateway/latest/userguide/managing-gateway-file.html#edit-metadata-defaults
-
There is no web UI to go through the file share. One option would be to use the S3 console or any other S3-compatible GUI, but beware such GUI would not maintain file metadata that File Gateway uses to store UNIX permissions (as mentioned in 1.) and could break desired permissions.
-
AWS Storage Gateway (File Gateway - NFS) only provided IP based filtering for NFS accesses, as mentioned here: https://docs.aws.amazon.com/storagegateway/latest/userguide/managing-gateway-file.html#edit-nfs-client
AWS Storage Gateway (File Gateway - SMB) has more possibilities on these topics, it may be worth considering it depending on the type of file share clients they have.
関連するコンテンツ
AWS公式更新しました 2年前- AWS公式更新しました 2年前
