# Access Control

When creating a new bucket, you should apply the following tools and settings to help ensure that all your data stored with OORT Storage are protected.

## Access Keys

To ensure your data security in OORT Storage, it is recommended not to share root user credentials with employees who require access. Instead, individual access keys can be created for each user to enable programmatic requests to work with resources in your account.&#x20;

Access keys are composed of an **access key ID** and a **secret access key**, which must be used together for authentication purposes. OORT Storage allows up to ten access keys per account, making it easy to manage user access and maintain security.

<figure><img src="/files/ShWqDxgBtzNGKYBb5A2T" alt=""><figcaption></figcaption></figure>

## Control access  <a href="#block-public-access-intro" id="block-public-access-intro"></a>

At OORT, we understand the importance of controlling access to your data. With our platform, you can easily set access permissions for each bucket to ensure that only authorized users can access, download, or write to the contents of the bucket.&#x20;

**By default, all buckets are set to private access only**, which means that only users with the appropriate permissions can access the contents of the bucket.&#x20;

However, if you need to host a website using the contents of the bucket, you will need to **enable public access**. When you choose to allow public access, anyone on the internet can read or write objects in the bucket. We advise our users to exercise caution when making a bucket public, and to ensure that only the necessary objects are made accessible to the public.

<figure><img src="/files/9YLQAry1wW6UDdtgAD5E" alt=""><figcaption></figcaption></figure>

{% hint style="info" %}
Oort Storage recommends that you **disable** all public access, but before applying any of these settings, ensure that your applications will work correctly without public access.
{% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.oortech.com/oort/oort-storage/manage-storage/access-control.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.