Modifying Views via VAST Web UI
From the left navigation menu, select Element Store and then Views.
Open the Actions menu for the view you want to edit, and select Edit.
Review and change the view settings in the General tab as needed:
Field
Description
Tenant
The view's tenant.
Path
The full path from the top level of the storage system on the cluster to the location exposed by the view.
Protocols
Change the combination of protocols enabled for accessing the view. For supported combinations, see Controlling File and Directory Permissions Across Protocols.
SMB share name
Required for SMB shares.
If this is the first time you're exposing the view to SMB, enter a name for the SMB share. The name cannot include the following characters: /\:|<>*?"
If the view was already configured with an SMB share, you cannot modify the SMB share name.
NFS alias
Optional for NFSv3 exports. Enabled if NFS is selected in the Protocols field.
An alias for the mount path of an NFS export. An alias must begin with a forward slash ("/") and must consist of only ASCII characters.
S3 Bucket Name
The bucket name for S3 buckets.
If you select S3 Bucket in the Protocols dropdown, enter a name for the S3 Bucket.
Policy name
Change the view policy if needed:
From the Policy name dropdown, select an existing view policy or select Add New Policy to create a new one, and follow the procedure described in Creating a View Policy via VAST Web UI to create the policy (begin with step Step 3 ).
QoS Policy
Use this dropdown to apply a QoS policy to the view or to switch to a different QoS policy if one is already attached:
From the QoS Policy dropdown, select a QoS policy to associate the view with that QoS policy or select Add New Policy to create a new one, and follow the procedure described in Creating a QoS Policy via VAST Web UI to create a new QoS policy (begin with step Step 4).
Create Directory
If the directory does not already exist in the file system, enable the Create Directory setting to create the directory.
If you selected S3 Bucket or S3 Endpoint in the Protocols dropdown, go to the S3 tab and update the relevant settings as needed:
For S3 Bucket:
S3 Owner. Specify a user to be the bucket owner. This setting is required for S3 buckets.
Under S3 Features:
Note
These features are not available if NFS, NFS4 and/or SMB were selected in the Protocols dropdown.
S3 Versioning. Enables S3 Object Versioning on the bucket. Versioning cannot be disabled after the view is created.
Note
This setting must be enabled if S3 Object Locking is enabled, so it is automatically toggled on when you enable S3 Object Lock.
S3 Object Lock. Enables S3 Object Locking on the bucket. Object locking cannot be disabled after the view is created.
Note
S3 Object Versioning is required to use S3 Object Locking, so the S3 Versioning option is automatically toggeled on when you enable S3 Object Lock.
Retention Mode. If S3 Object Locking is enabled, you can optionally select a default retention mode for objects in the bucket:
None (default). Object versions that are placed in the bucket have no automatic protection but can be configured with a retention period or legal hold.
Governance. Object versions that are placed in the bucket are automatically protected with a retention lock with retention mode set to governance.
Compliance. Object versions that are placed in the bucket are automatically protected with a retention lock with retention mode set to compliance.
For more information about retention modes, see S3 Object Locking Overview.
S3 Retention Period. If S3 Object Locking is enabled, you can optionally set a default retention period for objects in the bucket. If set, object versions that are placed in the bucket are automatically protected with a retention lock with the specified retention period, unless S3 Retention Mode is set to None. Otherwise, by default, each object version has no automatic protection but can be configured with a retention lock or legal hold. For more information the S3 retention period, see S3 Object Locking Overview.
Under S3 Access Control:
Anonymous access. Allows anonymous S3 access to the bucket. If enabled, anonymous requests are allowed, provided that the object ACL grants access to the All Users group (for S3 Native security flavor) or the permission mode bits on the requested file and directory path grant access permission to others (for NFS security flavor). For views with SMB security flavor, anonymous requests are not allowed.
For S3 Endpoint:
Under S3 Access Control:
Bucket Creators (Users). List bucket users by user name. Any request to create an S3 bucket that is sent by S3 API by a user listed here will use the S3 Endpoint view that you are configuring.
Note
Users should not be specified as bucket creators in more than one S3 Endpoint view.
Naming a user as a bucket creator in two S3 Endpoint views will fail the creation of the view with an error.
Bucket Creators (Groups). List user groups by group name. Any request to create an S3 bucket that is sent by S3 API by a user who belongs to a group listed here will use the S3 Endpoint view that you are configuring.
Caution
Take extra care not to duplicate bucket creators through groups. If you specify a group as a bucket creator group in one view and you also specify a user who belongs to that group as a bucket creator user in another view, view creation will not fail. Yet, there is a conflict between the two configurations and the selection of a view for configuring the user's buckets is not predictable.
Anonymous access. Allows anonymous S3 access to the bucket. If enabled, anonymous requests are allowed, provided that the object ACL grants access to the All Users group (for S3 Native security flavor) or the permission mode bits on the requested file and directory path grant access permission to others (for NFS security flavor). For views with SMB security flavor, anonymous requests are not allowed.
If you selected SMB in the Protocols dropdown, you can optionally configure a share-level ACL:
Go to the Share-level ACL tab.
Toggle Enable Share-level ACL on to enable share-level ACL on the view.
When enabled, SMB requests to access the view will fail unless permission is granted to the requesting user by an ACE configured in this dialog.
When disabled, the default share-level ACL applies to the view.
Tip
The default share-level ACL grants Full Control permissions to the Everyone group by default. You can alter this setting on the General tab of the Tenant dialog (choose Element Store -> Tenants -> choose to edit a tenant).
Add share-level ACEs:
Under Search, query a user or group that you want to define an ACE for:
Select a specific Active Directory domain or all domains from the Domain dropdown.
Select the Grantee type (user or group) that you want to search for.
In the Name field, specify the name of the grantee:
For a grantee from the cluster's joined domain, enter the name without the domain name suffix.
For a grantee from domains in other trusted forests, enter the name followed by the domain name suffix: <grantee name>@<domain name>.
Click + Add ACE. The grantee's type and name displayed in the ACL grid.
In the Permission column of the ACL grid, select the permission type that you want to grant to the grantee.
Repeat steps c1 to c3 until you have created all the ACEs that you want to configure.
If you selected SMB in the Protocols dropdown in the General tab, you can optionally configure Access-Based Enumeration (ABE):
Go to the ABE tab.
Note
This tab is available for SMB-enabled views only.
To enable ABE for the view, select SMB in the Protocols dropdown. To disable ABE, select NONE.
Set or modify the maximum directory level (depth) at which ABE is enabled in the Max depth field. If left empty, ABE depth is unlimited.
If the view is to be used as WORM storage, set these fields in the Write Once Read Many tab:
Toggle Enable write once read many (WORM).
Note
This step is irreversible. Once WORM is enabled in a view, it cannot subsequently be disabled.
Select the File Retention Mode (for NFS and SMB) or S3 Retention Mode (for S3) for the view:
Governance. In this mode, locked files cannot be deleted or changed. The Retention settings can be shortened or extended by users with sufficient permissions
Compliance. In this mode, locked files cannot be deleted or changed. Retention settings can be extended, but not shortened, by users with sufficient permissions.
None (S3 only). The retention mode is not set for the view; it is set individually for each object.
Set the Retention settings for the view as follows:
Default Retention Period. This is the period of time a file or object will be locked, if locking is done automatically (Auto-commit is set). It must be in the range Minimum Retention Period and Maximum Retention Period. Set it as minutes (m), hours (h), days (d), or years (y). Example: 4m.
Minimum Retention Period. The minimum retention period for a file or object, once it is locked, in minutes (m), hours (h), days (d), or years (y). This applies both to files locked automatically and to files locked manually.
Maximum Retention Period. The maximum retention period for a file or object, once it is locked, in minutes (m), hours (h), days (d), or years (y). This applies both to files locked automatically and to files locked manually.
Auto-commit period (NFS and SMB only). If set to a non-zero value, files will automatically be locked after the Default Retention Period elapses since from the time the file is saved. If this is set, you do not have to manually set the file to Read-Only to lock them. Set it as minutes (m), hours (h), days (d), or years (y). Example: 4m.
Notice
The WORM feature is available in a specific Service Pack (SP) release only.
Click Update to save your changes.
Modifying Views via VAST CLI
To modify a view via the VAST CLI, use the view modify command.