Configure authorization for accessing Archil disks using tokens or AWS IAM roles
Archil requires that you specify a list of “Disk Users” who are authorized to connect to your disk. Only these users are allowed access when they attempt to mount your Archil disk. There are multiple ways to authorize a user to connect to an Archil disk. The correct method depends on the location of your Archil disk and the location of the server that will mount the disk.
Archil enforces POSIX permissions for files and folders. However, we do not recommend that you rely on POSIX permissions as a security boundary between untrusted users. Archil does not limit the access of “Disk Users” beyond what POSIX enforces.
Archil natively supports using AWS IAM users or roles to authorize access to the disk. This is the recommended method when mounting from AWS EC2 instances in the same region as your disk.
AWS role authorization only works from within the same region as the disk. If you need to mount from a different region or from outside AWS, use Token Authorization instead.
1. Navigate to the disk’s Details page in the Archil console
2. Click Generate Token to create a new authorization token
3. Copy the generated token - you’ll need it when mounting the disk
4. Keep this token secure as it grants full access to your disk
Archil does not store tokens in plaintext. Store your token somewhere secure when it’s created, because it will not be visible again from the Archil console.