Document Hub
OMD users can access documents related to the following OMD entities:
- customers
- service objects
- resources
- tasks
- products
- territory
- configuration
The documents for these entities are mapped to specific folders in the cloud storage system. For example, a task on instance prod in configuration 1234567 having externalId SE29474 is stored in prod-1234567/tasks/SE29474.
S3 Storage
For S3 storage, files are referred to with a key value. Folders do not exist and are therefore represented by a prefix of the key. For the example above, the key of the file is tasks/SE29474, having prefix tasks/. It is stored in bucket prod-1234567.
Preferences
All preferences of a configuration are retrieved from OMD's preference table. The preferences include:
- omd.documents.serviceprovider (default s3)
- omd.documents.s3.endpoint
- omd.documents.s3.region
- omd.documents.s3.pathstyle
- omd.documents.s3.bucketname
- omd.documents.s3.accesskey
- omd.documents.s3.secretkey
- omd.documents.s3.expiration (in seconds)
Authentication
All requests must pass an OMD configuration token (JWT) in the Authorization header. The service can then quickly decide if the user has permission to read/write to the configuration.
The following rules apply:
- web users having read access to a configuration can read documents for all entities
- web users having read-write access to a configuration can read and write documents for all entities
- resources can read documents for all entities
Recycle Bin
All providers implement a recycle bin, i.e. all deleted files are temporarily moved to a dedicated space before they are finally purged. The infrastructure providing the document storage must implement the purge individually, for example, by applying a cronjob that deletes outdated objects in the bin folder on a regular basis.
For S3, we apply a .deleted folder with an identical structure, i.e. an object in {{bucketname}}/tasks/{{taskId}}/file.txt is copied to {{bucketname}}/.deleted/tasks/{{taskId}}/file.txt before it is purged. Note that moving an object in S3 is not possible.
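
The key mapping and the copy-then-delete recycle bin described above, as an added example that is not OMD's own code. The function names, the allowed character set for key segments and the in-memory FakeS3 stand-in are assumptions; the two client calls use the boto3 S3 client's copy_object and delete_object parameters.

```python
import re

BIN_PREFIX = ".deleted/"  # recycle-bin prefix named on this page
_SEGMENT = re.compile(r"[A-Za-z0-9._-]+")  # assumed character set for one key segment


def bucket_name(instance, configuration):
    """One bucket per configuration, e.g. prod-1234567."""
    return f"{instance}-{configuration}"


def object_key(folder, external_id, filename):
    """Build <folder>/<externalId>/<filename>; reject segments that could leave the prefix."""
    for seg in (folder, external_id, filename):
        # No slashes, no empty segments, no leading dot (blocks ".." and ".deleted").
        if not _SEGMENT.fullmatch(seg) or seg.startswith("."):
            raise ValueError(f"invalid key segment: {seg!r}")
    return f"{folder}/{external_id}/{filename}"


def soft_delete(s3, bucket, key):
    """Copy the object under .deleted/, then delete the original. Returns the bin key."""
    if key.startswith(BIN_PREFIX):
        raise ValueError("object is already in the recycle bin")
    bin_key = BIN_PREFIX + key
    # Copy first: if the copy raises, the original is left untouched.
    s3.copy_object(Bucket=bucket, Key=bin_key, CopySource={"Bucket": bucket, "Key": key})
    s3.delete_object(Bucket=bucket, Key=key)
    return bin_key


class FakeS3:
    """Constructed in-memory stand-in exposing the two client calls used above."""
    def __init__(self):
        self.objects = {}

    def copy_object(self, Bucket, Key, CopySource):
        self.objects[(Bucket, Key)] = self.objects[(CopySource["Bucket"], CopySource["Key"])]

    def delete_object(self, Bucket, Key):
        self.objects.pop((Bucket, Key), None)


def demo():
    s3 = FakeS3()
    bucket = bucket_name("prod", "1234567")
    key = object_key("tasks", "SE29474", "file.txt")
    s3.objects[(bucket, key)] = b"constructed sample content"
    return bucket, soft_delete(s3, bucket, key), sorted(k for _, k in s3.objects)
```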