1.1.3.2. Wasabiオブジェクトストレージの設定をする¶
各コマンドの実行については、rootユーザーに昇格して実行する前提で記載しています。
- 以下のコマンドを実行し、Wasabiアカウントを作成します。
# cd /usr/local/sdpf/wasabi # bash wasabi-account-create.sh
HTTP/1.1 200 OK Server: nginx Date: Thu, 18 May 2023 02:39:28 GMT Content-Type: application/json; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive x-frame-options: SAMEORIGIN x-xss-protection: 0 x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin vary: Accept etag: W/"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" cache-control: max-age=0, private, must-revalidate x-request-id: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX x-runtime: 13.664452 via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 access-control-allow-origin: * access-control-allow-headers: origin, x-requested-with, accept, Authorization, Content-Type access-control-max-age: 1728000 access-control-allow-methods: * {"AcctNum":XXXXXX,"AcctName":"XXXXXXXXXXXXXXXXXXXXXXXXXX@ecl.ntt.com","Password":"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX","AccessKey":"XXXXXXXXXXXXXXXXXXXX" ★「Wasabi 既存ユーザーのアクセスキー」に該当。,"SecretKey":"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" ★「Wasabi 既存ユーザーのシークレットキー」に該当。,"CreateTime":"2023-05-18T02:39:18.000+00:00"}
- 手順1の実行結果内に記載されているキー情報を「vars_wasabi.py」内に反映後、以下のコマンドを実行し、Wasabiを利用するためのIAMユーザーを作成します。
# python3.9 wasabi-iam-create.pyサブユーザー「AAAAAAA」を作成します。 {'User': {'Path': '/', 'UserName': 'AAAAAAA', 'UserId': 'XXXXXXXXXXXXXXX', 'Arn': 'arn:aws:iam::XXXXXXXXXXXXX:user/AAAAAAA', 'CreateDate': datetime.datetime(2023, 5, 17, 11, 51, 55, 969000, tzinfo=tzlocal())}, 'ResponseMetadata': {'RequestId': 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', 'HTTPStatusCode': 200, 'HTTPHeaders': {'content-length': '429', 'content-type': 'text/xml', 'date': 'Wed, 17 May 2023 11:51:55 GMT', 'server': 'WasabiIAM', 'vary': 'Accept-Encoding', 'x-amzn-requestid': 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', 'x-wasabi-cluster-id': 'us-east-1', 'x-wasabi-service': 'iam_service', 'x-wasabi-service-runtime-id': 'XXXXXXXXXXXXX'}, 'RetryAttempts': 0}} IAMユーザー「AAAAAAA」のパスワードを作成します。 {'LoginProfile': {'UserName': 'AAAAAAA', 'CreateDate': datetime.datetime(2023, 5, 17, 11, 51, 55, tzinfo=tzlocal()), 'PasswordResetRequired': False}, 'ResponseMetadata': {'RequestId': 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', 'HTTPStatusCode': 200, 'HTTPHeaders': {'content-length': '421', 'content-type': 'text/xml', 'date': 'Wed, 17 May 2023 11:51:56 GMT', 'server': 'WasabiIAM', 'vary': 'Accept-Encoding', 'x-amzn-requestid': 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', 'x-wasabi-cluster-id': 'us-east-1', 'x-wasabi-service': 'iam_service', 'x-wasabi-service-runtime-id': 'XXXXXXXXXXXXX'}, 'RetryAttempts': 0}} IAMユーザー「AAAAAAA」のアクセスキーを作成します。 ※払いだされたキー情報は出力結果の「AccessKeyId」「SecretAccessKey」を確認してください。 {'AccessKey': {'UserName': 'AAAAAAA', 'AccessKeyId': 'XXXXXXXXXXXXXXXXXXXX', 'Status': 'Active', 'SecretAccessKey': 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', 'CreateDate': datetime.datetime(2023, 5, 17, 11, 51, 56, 500000, tzinfo=tzlocal())}, 'ResponseMetadata': {'RequestId': 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', 'HTTPStatusCode': 200, 'HTTPHeaders': {'content-length': '496', 'content-type': 'text/xml', 'date': 'Wed, 17 May 2023 11:51:56 GMT', 'server': 'WasabiIAM', 'vary': 'Accept-Encoding', 'x-amzn-requestid': 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', 'x-wasabi-cluster-id': 'us-east-1', 'x-wasabi-service': 'iam_service', 'x-wasabi-service-runtime-id': 'XXXXXXXXXXXXX'}, 'RetryAttempts': 0}} IAMポリシー「BBBBBBB」を作成します。 {'Policy': {'PolicyName': 'BBBBBBB', 'PolicyId': 'XXXXXXXXXXXXXXX', 'Arn': 'arn:aws:iam::XXXXXXXXXXXXX:policy/BBBBBBB', 'Path': '/', 'DefaultVersionId': 'v1', 'AttachmentCount': 0, 'IsAttachable': True, 'CreateDate': datetime.datetime(2023, 5, 17, 11, 51, 56, 725000, tzinfo=tzlocal()), 'UpdateDate': datetime.datetime(2023, 5, 17, 11, 51, 56, 725000, tzinfo=tzlocal())}, 'ResponseMetadata': {'RequestId': 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', 'HTTPStatusCode': 200, 'HTTPHeaders': {'content-length': '614', 'content-type': 'text/xml', 'date': 'Wed, 17 May 2023 11:51:56 GMT', 'server': 'WasabiIAM', 'vary': 'Accept-Encoding', 'x-amzn-requestid': 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', 'x-wasabi-cluster-id': 'us-east-1', 'x-wasabi-service': 'iam_service', 'x-wasabi-service-runtime-id': 'XXXXXXXXXXXXX'}, 'RetryAttempts': 0}} IAMユーザー「AAAAAAA」にIAMポリシー「BBBBBBB」を割り当てます。 {'ResponseMetadata': {'RequestId': 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', 'HTTPStatusCode': 200, 'HTTPHeaders': {'content-length': '199', 'content-type': 'text/xml', 'date': 'Wed, 17 May 2023 11:51:57 GMT', 'server': 'WasabiIAM', 'vary': 'Accept-Encoding', 'x-amzn-requestid': 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', 'x-wasabi-cluster-id': 'us-east-1', 'x-wasabi-service': 'iam_service', 'x-wasabi-service-runtime-id': 'XXXXXXXXXXXXX'}, 'RetryAttempts': 0}}
- 以下のコマンドを実行し、Wasabiバケットの作成/設定を行います。
# python3.9 wasabi-bucket-create.pyバケット名「CCCCCCC」を作成します。 {'ResponseMetadata': {'RequestId': 'XXXXXXXXXXXXXX', 'HostId': 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', 'HTTPStatusCode': 200, 'HTTPHeaders': {'date': 'Wed, 17 May 2023 11:50:26 GMT', 'location': 'https://s3.ap-northeast-1.wasabisys.com/CCCCCCC/', 'server': 'WasabiS3/7.14.261-2023-05-10-559a64530e (head4)', 'x-amz-id-2': 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', 'x-amz-request-id': 'XXXXXXXXXXXXXX', 'content-length': '0'}, 'RetryAttempts': 0}, 'Location': 'https://s3.ap-northeast-1.wasabisys.com/CCCCCCC/'} バケット名「CCCCCCC」にポリシーを適用します。 {'ResponseMetadata': {'RequestId': 'XXXXXXXXXXXXXX', 'HostId': 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', 'HTTPStatusCode': 204, 'HTTPHeaders': {'date': 'Wed, 17 May 2023 11:50:27 GMT', 'server': 'WasabiS3/7.14.261-2023-05-10-559a64530e (head4)', 'x-amz-id-2': 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', 'x-amz-request-id': 'XXXXXXXXXXXXXX'}, 'RetryAttempts': 0}}