Overview

The lucid rekey-s3 command allows administrators to update or rotate the underlying S3 storage provider credentials for a filespace. This is critical for maintaining security compliance or updating keys after an administrative rotation on your cloud storage provider.

SSO-authenticated accounts cannot execute the lucid rekey-s3 command. If Single Sign-On (SSO) is currently set to Required for the workspace, you must temporarily switch it to Optional so a native, non-SSO Administrator or Owner account can run the command.

Command usage and syntax

Usage: lucid rekey-s3 [options]

Rekey S3 credentials

Options:

    --access-key key         S3 access key
    --secret-key key         S3 secret key
    --password password      An administrator's password is required to use rekey-s3

Example

lucid rekey-s3 --access-key <access-key> --secret-key <secret-key> --password <password>

Prerequisites for SSO-enabled workspaces

If your workspace enforces SSO, complete these steps before running the command:

1. Select your workspace and navigate to Control Panel > Domain management:
   

2. Select Optional - Authenticate with either SSO or email + password:
   

3. Log out of your current session.

4. Log in using a non-SSO administrator account.

5. Open your terminal and execute the lucid rekey-s3 command.

6. Navigate back to Domain management.

7. Select Required Authentication with SSO only to re-enforce SSO security across the workspace: