Non-Commvault Users Have Read Permission to Amazon S3

Article ID: CLD0001 Users other than Commvault users have read permission to Amazon S3 cloud storage.

Symptom

Access control to files is not being honored.  Un-authorized users have read access to files stored in Amazon S3 cloud storage.

Cause

Amazon S3 Access Control Lists (ACL) on Bucket is not set to private

Resolution

Use the Cloud Test tool to reset the read permission to Commvault users only.

For more information, see Cloud Test Tool.

  1. On the MediaAgent, start the Cloud Test tool.
  2. Type the number for Amazon S3, and then press Enter.
  3. Type your Amazon S3 credentials, and then press Enter.
  4. Type the number for Reset Canned Access Control Lists (ACL) on Bucket to private, and then press Enter.

    The option Reset Canned Access Control Lists (ACL) on Bucket to private is available only to Amazon S3 subscribers. This option is not available to subscribers of other cloud storage devices.

    A message appears that asks you if you want to reset the ACL to private. This process might take a long time to complete.

  5. Type 1 to set the ACL to private, and then press Enter.

    When the process is complete, a message appears that states that the ACL on the bucket is reset.

    Only the appropriate users have read permission.