website logo
Create accountLogin
Home
DCS
Node
Resources
Help center
Navigate through spaces
Home
DCS
Node
Resources
Help center
⌘K
Storj DCS
Get Started
AWS CLI and Hosted Gateway MT
AWS SDK and Hosted Gateway MT
Uplink CLI
Satellite Admin Console
Object Browser
Downloads
Download Uplink CLI
Download Self-hosted S3 Compatible Gateway
Download Storj Client Libraries
SDKs & Reference
Tutorial
How-to Guides
Concepts
Support
Support Overview
FAQ
Community Forum
Status Page
Help Desk
Billing, Payment & Accounts
Resources
Moved Documents
Docs powered by archbee 
4min

When to use the Satellite Web Interface and When to use the CLI

Determining when to use the different tools for generating Access Grants is driven by the use of the underlying tool. You can generate an Access Grant in the Satellite Admin Console, or you can use either our Go Library or Create Access Grant in CLI.

When to use the Satellite Admin Console

In general, you use the Satellite Admin Console web interface to create an Access Grant that is then used to set up whatever client tool you are using. In order to configure and use the CLI or an application like FileZilla Native Integration or Rclone you must first Create an Access Grant to configure the client. You may create an unrestricted Access Grant or Restricted Access Grant with limited access. The Satellite Admin Console web interface is also used to generate credentials if you want to use an application with the Storj hosted S3-compatible gateway.

Remember: When you use an Access Grant to generate credentials for the Storj hosted S3-compatible gateway, the hosted gateway uses server-side encryption. If end-to-end encryption is essential for your use case, you should encrypt your data before sending it to the hosted gateway, or use a self-hosted S3-compatible Gateway.

When to use an Uplink client

Once you have created an Access Grant from the Satellite Admin Console web interface, the CLI, client library or other client tool can then use that Access Grant to interact with the Storj DCS service, or create additional restricted Access Grants - child Access Grants of the parent created in the Satellite Admin Console. The Uplink Client can be used to create additional child Restricted Access Grants.

Remember: When you create child Restricted Access Grants from a parent Restricted Access Grant, the child Restricted Access Grants can have the same level of access as the parent or less access, but never more.

For example: A parent Restricted Access Grant that only has Read and Write access to a particular may be used to create child Restricted Access Grants that have Read-only access to the bucket or just one path within that bucket. But, a parent Restricted Access Grant that only has Read and Write access to a particular may NOT be used to create child Restricted Access Grants that have Read-write-delete access to the bucket or another path within another bucket to which the parent Restricted Access Grant does not have any access.

If you want to learn more, check out the Key Architecture Constructs section or read all about Access Management.

Learn how to Create Access Grant in CLI in the Satellite Admin Console.

Learn how to Create Access Grant in CLI in the Uplink CLI.

Updated 03 Mar 2023
Did this page help you?
Yes
No
UP NEXT
Encryption Keys
Docs powered by archbee 
TABLE OF CONTENTS
When to use the Satellite Admin Console
When to use an Uplink client