Manage Access Keys

Each storage bucket in a region can be accessed with one master key pair that provides full access. However, when using Stook with client applications (e.g., Cyberduck) or custom integrations, it is often better to create specific access keys with limited permissions.

Through the Medianova Control Panel, you can create credentials that allow:

• Read Only – Permission to list and retrieve objects from a specified bucket.

• Read & Write – Permission to list, retrieve, add, delete, and modify objects in the specified bucket.

Creating Credentials

Follow these steps to create a new credential and access keys:

1. From the left-hand menu, select Stook Object Storage → Credentials.

2. On the Stook Credentials page, click Create Credential.

   

   • Enter a descriptive Credential Name.

   • Choose the target Stook Bucket and, if needed, provide a Path to restrict the credential to a specific folder.

   • Use Filter Actions or the Expand All / Collapse All links to browse permissions.

   • Either select All S3 Actions or expand the Read, Write, and Bucket Management categories to pick the exact actions the credential should allow.

   • Click Submit to create the credential.

3. The new credential will appear in the list with the selected permission set.

4. To view the Access Key and Secret Key, open the credential detail drawer.

   • To display the Secret Key, you must re-enter your login password.

   

By creating dedicated credentials, you can:

• Limit access to specific buckets.

• Control whether users get full S3 access or only selected Read/Write/Bucket Management actions.

• Use secure keys for external tools and integrations.

This ensures better security and more granular control over your Stook Object Storage environment.