Use Cases for Yarkon

The following are some basic common use cases for the Yarkon solution. Your situation is probably different, but nevertheless, it is likely similar enough to one of these use cases, so you can get a good idea on what can be done with Yarkon and how it can help you solve your problem.

If your use case is different than any of the below listed, please let us know. We will be happy to look into your situation and see if and how Yarkon can be used.

The Small Business

Use Case

You are using AWS S3 for file storage in your small business. Being a small operation, everyone helps. And everyone has access to the files.

The Yarkon Solution

Use Yarkon Cloud for your S3 user interface, using the Shared Security Model. End users do not need to have access to S3, or even have an AWS account created for them. They can use their email and a password they choose to login. The system administrator adds and removes users as needed. Only one set of API keys is needed and only the administrator ever gets to use them.

The Enterprise Application

Use Case

You have a large organization, with numerous users requiring different access levels to the organization’s files. You need to have fine control over user permissions, ensuring that users only get access to what is required for them to do their jobs. Adding and removing users should be easy and always available to the administrator. Another requirement is compliance – you cannot share your access keys with anyone, not even with a cloud based solution. In fact, you need to run all services inside your own VPC, utilizing your own controls and procedures.

The Yarkon Solution

Yarkon Server is the solution for you. It runs in an AMI you host, so you don’t have to share your credentials with any provider. You don’t even need to enter the credentials anywhere. Just assign the proper role to the instance and it will pick its credentials from the environment, without any human ever seeing the credentials, not even the administrator. For more, see

Use AWS IAM to have full control over user permissions. It is considered “best practice” to do it at the group level, but you can be more granular and create access policies at the user level. Then, use Yarkon with the Integrated Security Model or the Federated Security Model. User permissions will be exactly what you specified on the server side. You can even use the Yarkon Admin Console to verify what the permissions granted to the end users would be, quite helpful when you have a complex structure.

Checkout this document for one way to set up your AWS organization.

The Service Provider

Use Case

You provide your users with a service that utilizes S3, such as a backup subscription, or a back-end service that you require your clients to upload files for processing. You want to give them a simple user interface to use when accessing their files. But you only use your S3 account, it is critical that different clients would never have access to each other files.

The Yarkon Solution

You can use either Yarkon Cloud or Yarkon Server to meet your requirements. Make sure to set up your clients’ permissions as described in the document on setting up AWS for explicit client access. Using the Integrated Security Model or the Federated Security Model will ensure that user permissions are controlled.