Restore Authority with Token Bandwidth Controls!

Aug 6 2021/DevOps/3 min read
Restore authority with Token Bandwidth Controls
Token Bandwidth Controls allow you to set limits on how much bandwidth an individual Entitlement Token can use, giving you yet more control over your costs and usage.

Now you can go beyond measuring your bandwidth usage and regain control via Cloudsmith's new bandwidth controls for Entitlement tokens. You can craft tokens with individual usage limits using the UI, API, and CLI, allowing you to decide the exact level of usage for each token.

Combining the new and existing limits for entitlement token, allowances are configurable to provide fine-grained control for any combination of properties. For example, the total amount of bandwidth, number of unique clients using a token, or the maximum number of downloads a token can perform on an individual token basis. Also, you can also scope your tokens by restrictions for advanced control of tokens.

If you are a vendor, you may want to have tiered levels of token's for different users. Providing higher or even potentially unlimited allowances to your premium users is now possible, whilst maintaining control of your offering to free users with suitable limits.

The best part is you can provide a lifetime limit for a token, or you can configure a refresh period to refresh the limits after the period has elapsed. For example, a token with a 1 GB daily limit, will allow up to 1 GB of daily usage and more more. After 1 day has passed, the token will be reset allowing another 1 GB of daily usage.
How it works

Within the Cloudsmith UI for Entitlement tokens, you can edit individual tokens to provide visibility restrictions, usage limits, or even provide additional metadata on the token for your own internal requirements.

To provide a bandwidth restriction with a refresh period. You will need to select a unit of Bandwidth e.g., GB, and enter a corresponding unit of bandwidth you would like to restrict by (e.g., 1GB of bandwidth). A "Monthly" refresh may be more than enough for most users but may prevent misuse of tokens from users accidentally using many TB's of data per month.

In this example, fine-grained bandwidth controls will be configured for the amount of bandwidth usage that token is allowed to consume every month. This is accomplished by selecting a few preset values and entering a bandwidth amount within the Edit Entitlement Token form.

To configure a 1GB bandwidth limit that resets monthly.

  1. Selecting Refresh token and choose Monthly

Presets provide values from "Never Reset" to a range between "Daily" to "Annual".

2. Enter a number to Restrict by Bandwidth.

The number should be between 0 - 1000; you can go higher than 1000; however, the unit of bandwidth provides sensible defaults to keep values readable. (e.g. 1000000 bytes can instead be expressed as 1 Megabyte).

3. Select a Unit of Bandwidth.

Values range from a single Byte to an insanely large number of Petabytes.

Finally, select Edit to save your changes to the token. These restrictions will take effect almost immediately.

If you wish to set your limits programmatically, entitlement restrictions are configurable using the Entitlements API.

Finally, the easiest way to get started with making programmatic changes to entitlement tokens and applying restrictions is via the Cloudsmith CLI. Using the following command, you can all visibility restrictions and usage limits for an entitlement token.

cloudsmith entitlements restrict example/testing/1xYSdAxlIqIV \
        --limit-bandwidth=1 \
        --limit-bandwidth-unit=gigabyte \
        --limit-num-clients=10 \
        --limit-num-downloads=1000 \
        --limit-package-query="package-darwin-amd64"  \
        --limit-path-query=tag:latest \
        --limit-date-range-from=2020-01-01T00:00:00Z \
        --limit-date-range-to=2077-01-01T00:00:00Z \
cloudsmith entitlements restrict

It's that simple to get started!

Get our next blog straight to your inbox