globus-connect-server-config storage-gateway create - Create a storage gateway


globus-connect-server-config storage-gateway create [OPTIONS]


The storage-gateway create subcommand creates a new storage gateway, which is a named location for creating collections. It also can associate optional policies governing path restrictions and identity providers which may access the storage gateway. Once a storage gateway is created, visit to create guest collections to access the storage gateway.

The --root, --connector, and --display-name parameters are required to create a storage gateway.

The --high-assurance flag and --authentication-assurance-timeout option are required to create a high assurance storage gateway.

Additional parameters control the policies for the storage gateway: --domain, --identity-provider, --restrict-paths, --allow-guest-collections, --allow-mapped-collections, --authentication-assurance-timeout

Each available connector type has several additional options to control connector-specific policies:

POSIX: --users-allow, --users-deny, --groups-allow, --groups-deny

Google Drive: --client-id, --client-secret, --user-api-rate-quota

S3: --s3-user-credential, --s3-endpoint, --s3-bucket

Ceph: --ceph-admin-key-id, --ceph-admin-secret-key, --s3-endpoint, --s3-bucket


-h, --help

Show this message and exit.

-r, --root ROOT

Storage gateway root path


Enable high assurance features

-t, --connector [POSIX|Google Drive|S3|Ceph]

Connector type

--authentication-assurance-timeout TIMEOUT

Assure authentication has occurred within the last TIMEOUT minutes

--allow-mapped-collections / --disallow-mapped-collections

Dis/allow mapped collections on this gateway. New storage gateways disallow by default.

--allow-guest-collections / --disallow-guest-collections

Dis/allow guest collections on this gateway. New storage gateways allow by default.

-p, --restrict-paths RP

Sharing path restrictions

-i, --identity-provider ID

Allowed identity provider

-n, --display-name NAME

Storage gateway name

-G, --groups-deny GROUPS

POSIX groups not allowed to create collections

-g, --groups-allow GROUPS

POSIX groups allowed to create collections

-U, --users-deny USERS

POSIX users not allowed to create collections

-u, --users-allow USERS

POSIX users allowed to create collections

-q, --user-api-rate-quota QUOTA

Google Drive API rate quota

-S, --client-secret SECRET

Google Drive app client secret

-c, --client-id ID

Google Drive app client id

-b, --s3-bucket BUCKET

S3 compatible bucket to use. To use multiple buckets, pass this option multiple times. Defaults to all credential accessible buckets if none specified.

--s3-endpoint URL

Full URL of S3 compatible storage location. May include a port.e.g.

--s3-user-credential / --s3-unauthenticated

Either use S3 compatible user credentials for access or use unauthenticated access. Defaults to user credential access.

--ceph-admin-secret-key SECRET

Admin secret key for Ceph access

--ceph-admin-key-id ID

Admin key ID for Ceph access

-d, --domain DOMAIN

Allowed username domain [required]

© 2010- The University of Chicago Legal