All Products
Search
Document Center

Object Storage Service:ProxyUser (Configure a proxy user)

Last Updated:Nov 19, 2024

The ProxyUser command is used to authorize a user to perform operations such as accessing sensitive data on behalf of other users. This topic describes the common use scenarios of the ProxyUser command in OSS-HDFS.

Prerequisites

Procedure

  1. Configure environment variables.

    1. Connect to an ECS instance. For more information, see Connect to an ECS instance.

    2. Go to the bin directory of the installed JindoSDK JAR package.

      cd jindosdk-x.x.x/bin/
      Note

      x.x.x indicates the version number of the JindoSDK JAR package.

    3. Grant read and write permissions to the jindo-util file in the bin directory.

      chmod 700 jindo-util
    4. Rename the jindo-util file to jindo.

      mv jindo-util jindo
    5. Create a configuration file named jindosdk.cfg, and then add the following parameters to the configuration file.

      [common] Retain the following default configurations. 
      logger.dir = /tmp/jindo-util/
      logger.sync = false
      logger.consolelogger = false
      logger.level = 0
      logger.verbose = 0
      logger.cleaner.enable = true
      hadoopConf.enable = false
      
      [jindosdk] Specify the following parameters. 
      <!-- In this example, the China (Hangzhou) region is used. Specify your actual region.  -->
      fs.oss.endpoint = cn-hangzhou.oss-dls.aliyuncs.com
      <! -- Configure the AccessKey ID and AccessKey secret that is used to access OSS-HDFS.  -->
      fs.oss.accessKeyId = LTAI********   
      fs.oss.accessKeySecret = KZo1********                                        
    6. Configure environment variables.

      export JINDOSDK_CONF_DIR=<JINDOSDK_CONF_DIR>

      Set <JINDOSDK_CONF_DIR> to the absolute path of the jindosdk.cfg configuration file.

  2. Run the ProxyUser command to add, view, and delete proxy users.

    Add a proxy user

    • Command syntax

      ./jindo admin -addProxyUser \
                       [-dlsUri <uri>] \
                       [-proxyUser <proxyUser>] \
                       [-users <user1,user2...>]|[-groups <group1,group2...>] \
                       [-hosts <host1,host2...>]
    • Example

      You can run the following command to specify user1 as a proxy user for all users who belong to group1 and group2 and send requests from host1 and host2:

      ./jindo admin -addProxyUser \
                       -dlsUri oss://examplebucket.cn-shanghai.oss-dls.aliyuncs.com \
                       -proxyUser user1 \
                       -groups group1,group2 \
                       -hosts host1,host2
      Important

      The -user option cannot be specified together with the -group option in the same command.

    View all proxy users and proxy information

    • Command syntax

      ./jindo admin -listProxyUsers \
                      [-dlsUri <dlsUri>] \              
                      [-maxKeys <maxKeys>] \
                      [-marker <marker>]

      The -maxKeys and-marker options are both optional.

      • The -maxKeys option is used to specify the number of proxy users that you want to query.

      • The -marker option is used to filter proxy users whose names contain a specific string.

    • Example

      You can run the following command to query information about 10 proxy users whose names contain the test string in the path specified by <dlsUri>:

      ./jindo admin -listProxyUsers \
                       -dlsUri oss://examplebucket.cn-shanghai.oss-dls.aliyuncs.com \
                       -maxKeys 10 \
                       -marker test

    Delete a proxy user

    • Command syntax

      ./jindo admin -deleteProxyUser \
                      [-dlsUri <uri>] \
                      [-proxyUser <proxyUser>]
    • Example

      You can run the following command to delete a proxy user named user1. After user1 is deleted, user1 cannot be used as a proxy user for any users.

      ./jindo admin -deleteProxyUser \
                       -dlsUri oss://examplebucket.cn-shanghai.oss-dls.aliyuncs.com \
                       -proxyUser user1