All buckets you create are scoped to your developer account. You can always find your currently logged in account with
Any bucket you create using the
HUB_ORG setting will also be shared with Org members.
The following sections will cover how to:
- Create a new Org.
- Create a new Bucket shared with an Org.
- Invite a collaborator to the Org.
Create a new Org¶
hub org create Choose an Org name: nasa█ Please confirm: y█
You have now created the
Create a new Bucket shared with an Org¶
The default bucket command is simply
buck because it's two letters less to type each time. If you prefer, you can still type
mkdir launchpad cd launchpad HUB_ORG=nasa hub buck init
You've now created a new Bucket inside of the
launchpad directory and owned by your
Invite a new org member¶
hub org invite
The final step is to invite collaborators to your Org. Once they accept the invite, they'll be able to interact with buckets associated with the Org.
App user Buckets¶
If you're building an app using one of our developer libraries, you can use buckets from inside your apps. Apps generally will create buckets on behalf of each user, meaning the user should retain control of the Bucket metadata and contents.
Bucket Access Roles¶
Buckets can be shared in more ways than organizations.
Multi-writer buckets leverage the distributed nature of ThreadDB by allowing multiple identities to write to the same buckets that are hosted by different Libp2p hosts. Since buckets are ThreadDB collection instances, this is no different than normal ThreadDB peer collaboration.
Read and write access roles are defined in a bucket at any path. Any subpaths automatically inherit the permissions of their parent.
For example, granting read access to your bucket at
/ would also grant read access to a file that exists at
You can set different access rules within the same bucket by using a combination of paths and specified roles at the path.
|Admin||Users with the ability to modify permissions.|
|Writer||Users allowed update data at the specified path.|
|Reader||Users allowed read data at the specified path.|
|Unspecified||Users with any permissions specified path.|
You can specify new users and their roles by inserting their public key into the bucket access rules. Let's take a look at how we update roles using the CLI.
hub buck roles grant -r writer \ bbaareicookqfgeosr225wwdknmpmvgemydxolzxesu6woxghpulxvizose /path/to
IDENTITY ROLE * Reader bbaareicookqfgeosr225wwdknmpmvgemydxolzxesu6woxghpulxvizose Writer bbaareieyrq92sbfcx2bhbmsfxzj25pi7ldx2vkrtcn6hu3xzi4mpzwqvcy Admin > Success! Updated access roles for path /path/to
Success! You can see the new user has been added as a writer to the path
/path/to and that the bucket creator is still listed as the admin.