s3-tests/s3tests.conf.SAMPLE

[DEFAULT]
## this section is just used for host, port and bucket_prefix

# host set for rgw in vstart.sh
host = localhost

# port set for rgw in vstart.sh
port = 8000

## say "False" to disable TLS
is_secure = False

## say "False" to disable SSL Verify
ssl_verify = False

[fixtures]
## all the buckets created will start with this prefix;
## {random} will be filled with random characters to pad
## the prefix to 30 characters long, and avoid collisions
bucket prefix = yournamehere-{random}-

[s3 main]
# main display_name set in vstart.sh
display_name = M. Tester

# main user_idname set in vstart.sh
user_id = testid

# main email set in vstart.sh
email = tester@ceph.com

# zonegroup api_name for bucket location
api_name = default

## main AWS access key
access_key = 0555b35654ad1656d804

## main AWS secret key
secret_key = h7GhxuBLTrlhVUyxSPUKUV8r/2EI4ngqJxD7iBdBYLhwluN30JaT3Q==

## replace with key id obtained when secret is created, or delete if KMS not tested
#kms_keyid = 01234567-89ab-cdef-0123-456789abcdef

## Storage classes
#storage_classes = "LUKEWARM, FROZEN"

## Lifecycle debug interval (default: 10)
#lc_debug_interval = 20

[s3 alt]
# alt display_name set in vstart.sh
display_name = john.doe
## alt email set in vstart.sh
email = john.doe@example.com

# alt user_id set in vstart.sh
user_id = 56789abcdef0123456789abcdef0123456789abcdef0123456789abcdef01234

# alt AWS access key set in vstart.sh
access_key = NOPQRSTUVWXYZABCDEFG

# alt AWS secret key set in vstart.sh
secret_key = nopqrstuvwxyzabcdefghijklmnabcdefghijklm

#[s3 cloud]
## to run the testcases with "cloud_transition" attribute.
## Note: the waiting time may have to tweaked depending on
## the I/O latency to the cloud endpoint.

## host set for cloud endpoint
# host = localhost

## port set for cloud endpoint
# port = 8001

## say "False" to disable TLS
# is_secure = False

## cloud endpoint credentials
# access_key = 0555b35654ad1656d804
# secret_key = h7GhxuBLTrlhVUyxSPUKUV8r/2EI4ngqJxD7iBdBYLhwluN30JaT3Q==

## storage class configured as cloud tier on local rgw server
# cloud_storage_class = CLOUDTIER

## Below are optional -

## Above configured cloud storage class config options
# retain_head_object = false
# target_storage_class = Target_SC
# target_path = cloud-bucket

## another regular storage class to test multiple transition rules,
# storage_class = S1

[s3 tenant]
# tenant display_name set in vstart.sh
display_name = testx$tenanteduser

# tenant user_id set in vstart.sh
user_id = 9876543210abcdef0123456789abcdef0123456789abcdef0123456789abcdef

# tenant AWS secret key set in vstart.sh
access_key = HIJKLMNOPQRSTUVWXYZA

# tenant AWS secret key set in vstart.sh
secret_key = opqrstuvwxyzabcdefghijklmnopqrstuvwxyzab

# tenant email set in vstart.sh
email = tenanteduser@example.com

#following section needs to be added for all sts-tests
[iam]
#used for iam operations in sts-tests
#email from vstart.sh
email = s3@example.com

#user_id from vstart.sh
user_id = 0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef

#access_key from vstart.sh
access_key = ABCDEFGHIJKLMNOPQRST

#secret_key vstart.sh
secret_key = abcdefghijklmnopqrstuvwxyzabcdefghijklmn

#display_name from vstart.sh
display_name = youruseridhere

#following section needs to be added when you want to run Assume Role With Webidentity test
[webidentity]
#used for assume role with web identity test in sts-tests
#all parameters will be obtained from ceph/qa/tasks/keycloak.py
token=<access_token>

aud=<obtained after introspecting token>

sub=<obtained after introspecting token>

azp=<obtained after introspecting token>

user_token=<access token for a user, with attribute Department=[Engineering, Marketing>]

thumbprint=<obtained from x509 certificate>

KC_REALM=<name of the realm>