Amazon S3 storage component settings
Each Amazon S3 component represents a single endpoint that’s used to access cloud storage using one or more Amazon S3 Web Services user accounts.
To enable HCP to access the storage that’s represented by an Amazon S3 storage component, when you create that component, you specify the following information:
- The component name.
- Optionally, a description of the component.
- Optionally, the network you want HCP to use for communication with the storage component. This field is only visible if Virtual network management is enabled.
- Whether you want HCP to use the default endpoint, s3.amazonaws.com, to connect to Amazon S3 Web Services, and if not, the fully qualified domain name (FQDN) of the endpoint that you want HCP to use instead of the default.
- Optionally, any of these advanced configuration settings:
  - Whether you want HCP to use HTTPS to access the endpoint, and if so, the HTTPS port you want to use to connect to the endpoint (default is 443).
  - The HTTP port you want to use to connect to the endpoint (default is 80).
  - Whether you want to use a proxy server to connect to the endpoint, and if so, the following information about the proxy server:
    - The hostname or IP address of the proxy server.
    - The port number you want to use to connect to the proxy server (default is 0).
    - The user name, password, and AD domain of the user account that HCP needs to use to access the proxy server.
  - Whether you want HCP to use path-style URLs to access the storage that’s represented by the storage component, and if so, the region that includes the Amazon S3 Web Services datacenter that hosts the storage that’s represented by this component. If you select this option, you need to specify a region-specific endpoint instead of using the default endpoint.
  - The region that includes the Amazon S3 Web Services datacenter that hosts the storage that’s represented by this component (default is us-east-1).
    For faster access to storage located in a particular region, you should specify a region-specific endpoint instead of using the default endpoint.
  - Whether the extended storage component supports S3 metadata on objects. If you are unsure whether S3 metadata is supported, contact your service provider.
  - In the Max metadata size field, type the maximum size (in bytes) of the S3 metadata that will be attached to objects tiered to the storage component. Each extended storage service provider permits a different maximum size. Contact your service provider to learn the maximum size.
  - Whether the storage that’s represented by this component is considered to be compliant.
- The account label that you want to associate with the initial Amazon S3 Web Services user account that you want HCP to use to access the storage that’s represented by the component. In the System Management Console, HCP uses the account label to represent the user account with the specified credentials.
- The authentication type you want to use to authenticate all requests sent from HCP to the storage component.
- The access key and secret key for the Amazon S3 Web Services user account that you want HCP to use to access the storage that’s represented by the component. After you create an Amazon S3 storage component, you can modify it to specify credentials for one or more additional user accounts.
- If you are using AWS STS or CAP authentication, the authentication endpoint text field appears. This is the endpoint to which you send your credentials in order to generate an AWS STS authentication token.
- If you are using CAP authentication, the following additional fields are displayed:
  - Authentication port field. Enter the port of your CAP endpoint.
  - Authentication certificate dropdown menu. Select the account certificate that connects HCP to the CAP authentication endpoint. To see the account certificate in the dropdown field, it must already exist in the HCP system.
- Optionally, any custom request headers that you want HCP to include in the access request URLs that are sent to Amazon S3 Web Services to request read or write access to the storage associated with the specified user account.
- Whether you want to access existing buckets associated with the specified user account. If yes, enter the name of each existing bucket to access.
  At any given time, a bucket can be associated with only one storage component.
  You can add an existing bucket to an Amazon S3 storage component only if that bucket is empty or has only HCP data in it.
- Whether you want to create any new buckets for the specified user account. If yes, enter the name of each new bucket to create.
  Note: By default, the Add Component wizard displays a list of the existing buckets that HCP can access using the specified user account credentials. However, the wizard does not display the controls required to create a new bucket. To create a new bucket, you must click Bucket Actions, select Create new from the dropdown list, and specify the name of the bucket you want to create.
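
A pre-flight review of planned component settings, as an added example that is not part of the HCP documentation or product. It checks the HTTPS, path-style endpoint and one-component-per-bucket rules described above and shows the request URL shape the settings imply. The field names, the sample values and the region-in-hostname check are assumptions made for illustration.

```python
# Added example: field names are hypothetical, not HCP's API or export format.
DEFAULT_ENDPOINT = "s3.amazonaws.com"

def request_url(cfg, bucket, key):
    """URL shape implied by the HTTPS, port and path-style settings."""
    if cfg["use_https"]:
        scheme, port, std = "https", cfg["https_port"], 443
    else:
        scheme, port, std = "http", cfg["http_port"], 80
    authority = cfg["endpoint"] if port == std else f'{cfg["endpoint"]}:{port}'
    if cfg["path_style"]:
        return f"{scheme}://{authority}/{bucket}/{key}"
    return f"{scheme}://{bucket}.{authority}/{key}"

def review(cfg, buckets_in_use):
    """Return findings for one planned component.

    buckets_in_use maps bucket name -> component that already owns it.
    """
    findings = []
    if not cfg["use_https"]:
        findings.append("HTTPS disabled: requests and object data cross the network unencrypted")
    if cfg["path_style"] and cfg["endpoint"] == DEFAULT_ENDPOINT:
        findings.append("path-style URLs need a region-specific endpoint, not the default")
    elif cfg["path_style"] and cfg["region"] not in cfg["endpoint"]:
        # Heuristic: assumes the region name appears in the endpoint FQDN.
        findings.append(f'endpoint does not name region {cfg["region"]}')
    for bucket in cfg["buckets"]:
        owner = buckets_in_use.get(bucket)
        if owner and owner != cfg["name"]:
            findings.append(f"bucket {bucket} already belongs to component {owner}")
    return findings

# Constructed sample settings for illustration.
PLANNED = {
    "name": "s3-archive", "endpoint": DEFAULT_ENDPOINT, "region": "eu-west-1",
    "use_https": False, "https_port": 443, "http_port": 80,
    "path_style": True, "buckets": ["hcp-tier-01", "hcp-tier-02"],
}
IN_USE = {"hcp-tier-02": "s3-primary"}

if __name__ == "__main__":
    for finding in review(PLANNED, IN_USE):
        print("FINDING:", finding)
    fixed = dict(PLANNED, use_https=True, endpoint="s3.eu-west-1.amazonaws.com",
                 buckets=["hcp-tier-01"])
    print(review(fixed, IN_USE), request_url(fixed, "hcp-tier-01", "obj"))
```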