S3 Protocol Configuration
Configure the Gateway as described in Gateway Configuration and then perform these additional steps to use the S3 front-end protocol:
Verify the Swarm storage configuration settings (Configuring Swarm Storage for Gateway) is correct, which is required for S3 clients to perform actions such as bucket deletion.
Edit the
gateway.cfg
file for S3 use:Enable the S3 front-end protocol in the
[s3]
section.Define
indexerHosts
for at least one indexer server in the[storage_cluster]
section.
Create one or more authentication tokens for each S3 client.
When the S3 front-end protocol is in use, the Gateway must be able to query the Swarm Elasticsearch metadata index servers directly. Include as many metadata index servers as needed in the indexerHosts parameter to spread the load and provide fail-over in case one becomes unavailable.
The S3 protocol uses a shared secret key known to the client and the Gateway to provide request validation. The client creates an HMAC signature for every authenticated request and the Gateway must independently recreate the signature to validate the request. The AWS S3 access key and secret key are implemented with Gateway's token-based authentication (S3 Protocol Special Topics | S3ProtocolSpecialTopics tokens).
© DataCore Software Corporation. · https://www.datacore.com · All rights reserved.