DEV Community

Cover image for Restore authority with Token Bandwidth Controls!
Kyle Harrison for Cloudsmith

Posted on • Originally published at

Restore authority with Token Bandwidth Controls!

Now you can go beyond measuring your bandwidth usage and regain control via Cloudsmith's new bandwidth controls for Entitlement tokens. You can craft tokens with individual usage limits using the UI, API, and CLI, allowing you to decide the exact level of usage for each token.

Combining the new and existing limits for entitlement tokens, allowances are configurable to provide fine-grained control for any combination of properties. For example, the total amount of bandwidth, number of unique clients using a token, or the maximum number of downloads a token can perform on an individual token basis. Also, you can also scope your tokens by restrictions for advanced control of tokens.

If you are a vendor, you may want to have tiered levels of tokens for different users. Providing higher or even potentially unlimited allowances to your premium users is now possible, whilst maintaining control of your offering to free users with suitable limits. The best part is you can provide a lifetime limit for a token, or you can configure a refresh period to refresh the limits after the period has elapsed. For example, a token with a 1 GB daily limit, will allow up to 1 GB of daily usage and no more. After 1 day has passed, the token will be reset allowing another 1 GB of daily usage.

How it works

Within the Cloudsmith UI for Entitlement tokens, you can edit individual tokens to provide visibility restrictions, usage limits, or even provide additional metadata on the token for your own internal requirements.

To provide a bandwidth restriction with a refresh period. You will need to select a unit of Bandwidth e.g., GB, and enter a corresponding unit of bandwidth you would like to restrict by (e.g., 1GB of bandwidth). A "Monthly" refresh may be more than enough for most users but may prevent misuse of tokens by users accidentally using many TB's of data per month.

In this example, fine-grained bandwidth controls will be configured for the amount of bandwidth usage that token is allowed to consume every month. This is accomplished by selecting a few preset values and entering a bandwidth amount within the Edit Entitlement Token form.

Token Restrictions Form

To configure a 1GB bandwidth limit that resets monthly.

1. Select "Monthly" for "Refresh Token"

(Presets provide values from "Never Reset" to a range between "Daily" to "Annual")

2. Enter a number to Restrict by Bandwidth.

The number should be between 0 - 1000; you can go higher than 1000; however, the unit of bandwidth provides sensible defaults to keep values readable. (e.g. 1000000 bytes can instead be expressed as 1 Megabyte).

3. Select a Unit of Bandwidth.

Values range from a single Byte to an insanely large number of Petabytes.

Finally, select Edit to save your changes to the token. These restrictions will take effect almost immediately.

Token Restricted to 1GB

If you wish to set your limits programmatically, entitlement restrictions are configurable using the Entitlements API.

Finally, the easiest way to get started with making programmatic changes to entitlement tokens and applying restrictions is via the Cloudsmith CLI. Using the following command, you can set all visibility restrictions and usage limits for an entitlement token:

Enter fullscreen mode Exit fullscreen mode

For Example:

cloudsmith entitlements restrict demo/example-repo/GYwg00eEElKs \
        --limit-bandwidth=1 \
        --limit-bandwidth-unit=gigabyte \
        --limit-num-clients=10 \
        --limit-num-downloads=1000 \
        --limit-package-query="package-darwin-amd64"  \
        --limit-path-query=tag:latest \
        --limit-date-range-from=2020-01-01T00:00:00Z \
        --limit-date-range-to=2077-01-01T00:00:00Z \
Enter fullscreen mode Exit fullscreen mode

It's that simple to get started!

Discussion (0)