Object Storage
Object Storage Keys List
https://api.linode.com/v4/object-storage/keys
Returns a paginated list of Object Storage Keys for authenticating to the Object Storage S3 API.
Request Samples
- Shell
- CLI
curl -H "Authorization: Bearer $TOKEN" \
https://api.linode.com/v4/object-storage/keys
Response Samples
- 200
- default
{
"data": [
{
"id": "",
"label": "my-key",
"access_key": "KVAKUTGBA4WTR2NSJQ81",
"secret_key": "OiA6F5r0niLs3QA2stbyq7mY5VCV7KqOzcmitmHw",
"limited": true,
"bucket_access": []
}
],
"page": 1,
"pages": 1,
"results": 1
}Responses
200: A paginated list of Object Storage Keys
This keypair's unique ID
The label given to this key. For display purposes only.
This keypair's access key. This is not secret.
This keypair's secret key. Only returned on key creation.
Whether or not this key is a limited access key. Will return false if this key grants full access to all buckets on the user's account.
Defines this key as a Limited Access Key. Limited Access Keys restrict this Object Storage key's access to only the bucket(s) declared in this array and define their bucket-level permissions.
Limited Access Keys can:
- list all buckets available on this Account, but cannot perform any actions on a bucket unless it has access to the bucket.
- create new buckets, but do not have any access to the buckets it creates, unless explicitly given access to them.
Note: You can create an Object Storage Limited Access Key without access to any buckets.
This is achieved by sending a request with an empty bucket_access array.
Note: If this field is omitted, a regular unlimited access key is issued.
The current page.
The total number of pages.
The total number of results.
default: Error
What happened to cause this error. In most cases, this can be fixed immediately by changing the data you sent in the request, but in some cases you will be instructed to open a Support Ticket or perform some other action before you can complete the request successfully.
The field in the request that caused this error. This may be a path, separated by periods in the case of nested fields. In some cases this may come back as "null" if the error is not specific to any single element of the request.
Object Storage Key Create
https://api.linode.com/v4/object-storage/keys
Provisions a new Object Storage Key on your account.
Accounts with negative balances cannot access this command.
To create a Limited Access Key with specific permissions, send a
bucket_accessarray.To create a Limited Access Key without access to any buckets, send an empty
bucket_accessarray.To create an Access Key with unlimited access to all clusters and all buckets, omit the
bucket_accessarray.
Request Body Schema
Defines this key as a Limited Access Key. Limited Access Keys restrict this Object Storage key's access to only the bucket(s) declared in this array and define their bucket-level permissions.
Limited Access Keys can:
- list all buckets available on this Account, but cannot perform any actions on a bucket unless it has access to the bucket.
- create new buckets, but do not have any access to the buckets it creates, unless explicitly given access to them.
Note: You can create an Object Storage Limited Access Key without access to any buckets.
This is achieved by sending a request with an empty bucket_access array.
Note: If this field is omitted, a regular unlimited access key is issued.
The label given to this key. For display purposes only.
Request Samples
- Shell
- CLI
curl -H "Content-Type: application/json" \
-H "Authorization: Bearer $TOKEN" \
-X POST -d '{
"label": "my-object-storage-key",
"bucket_access": [
{
"cluster": "ap-south-1",
"bucket_name": "bucket-example-1",
"permissions": "read_write"
},
{
"cluster": "us-east-1",
"bucket_name": "bucket-example-2",
"permissions": "read_only"
}
]
}' \
https://api.linode.com/v4/object-storage/keys
Response Samples
- 200
- default
{
"id": 1234,
"label": "my-key",
"access_key": "KVAKUTGBA4WTR2NSJQ81",
"secret_key": "OiA6F5r0niLs3QA2stbyq7mY5VCV7KqOzcmitmHw",
"limited": true,
"bucket_access": [
{
"cluster": "ap-south-1",
"bucket_name": "example-bucket",
"permissions": "read_only"
}
]
}Responses
200: The new keypair. **This is the only time** the secret key is returned.
This keypair's unique ID
The label given to this key. For display purposes only.
This keypair's access key. This is not secret.
This keypair's secret key. Only returned on key creation.
Whether or not this key is a limited access key. Will return false if this key grants full access to all buckets on the user's account.
Defines this key as a Limited Access Key. Limited Access Keys restrict this Object Storage key's access to only the bucket(s) declared in this array and define their bucket-level permissions.
Limited Access Keys can:
- list all buckets available on this Account, but cannot perform any actions on a bucket unless it has access to the bucket.
- create new buckets, but do not have any access to the buckets it creates, unless explicitly given access to them.
Note: You can create an Object Storage Limited Access Key without access to any buckets.
This is achieved by sending a request with an empty bucket_access array.
Note: If this field is omitted, a regular unlimited access key is issued.
The Object Storage cluster where a bucket to which the key is granting access is hosted.
The unique label of the bucket to which the key will grant limited access.
This Limited Access Key's permissions for the selected bucket.
default: Error
What happened to cause this error. In most cases, this can be fixed immediately by changing the data you sent in the request, but in some cases you will be instructed to open a Support Ticket or perform some other action before you can complete the request successfully.
The field in the request that caused this error. This may be a path, separated by periods in the case of nested fields. In some cases this may come back as "null" if the error is not specific to any single element of the request.