Using the Amazon S3 Compatibility API, customers can continue to use their existing Amazon S3 tools (for example, SDK clients) and partners can make minimal changes to their applications to work with PropelCLOUD Object Storage. The Amazon S3 Compatibility API and PropelCLOUD Object Storage datasets are congruent. If data is written to the Object Storage using the Amazon S3 Compatibility API, the data can be read back using the native Object Storage API and conversely.
Reduced Edge Storage Requirements:
The Object Storage Service provided by PropelCLOUD Infrastructure and Amazon S3 use similar concepts and terminology. In both cases, data is stored as objects in buckets. The differences are in the implementation of features and tools for working with objects.
The following highlights the differences between the two storage technologies:
– Compartments
Although Amazon S3 doesn’t use compartments, any buckets created using the Amazon S3 Compatibility API are created in the root compartment of the PropelCLOUD Infrastructure tenancy.
– Global bucket namespace
PropelCLOUD Object Storage doesn’t use a global bucket namespace. Bucket names must be unique within the context of a namespace, but bucket names can be repeated across namespaces or across regions. Each tenant is associated with one default namespace that spans all compartments within a region.
– Encryption
The PropelCLOUD Infrastructure Object Storage service encrypts all data only in transit by default. Encryption can’t be turned on or off using the API. We find it best for your customer software to manage at rest encryption. You can however login to our storage management portal and either (a) Generate encryption keys or (b) provide your own encryption keys which will then allow you to enable encryption within PropelCLOUD.
– Object Level Access Control Lists (ACLs)
PropelLCLOUD does not use ACLs for objects. Instead, IAM policies are used to manage access to compartments, buckets, and objects.
Amazon S3 Compatibility API Support
Amazon S3 Compatibility API support is provided at the bucket level and object level.
– API Implementation
PropelCLOUD supports the following Amazon S3 API Requests:
* PUT request to create a bucket
* GET bucket location
* DELETE bucket
* GET to list buckets
* GET to list contents of a bucket (list objects)* PUT object to upload new file
* DELETE to delete object from bucket
* PUT with header x-amz-copy-source to copy object
* HEAD to get object metadata
– S3 Signatures Supported
* The S3 API supports V2 and V4 signatures. Which one is used is dependent on the client request.
Enabling Application Access to Object Storage
To enable application access from Amazon S3 to Object Storage, you need to set up access to PropelCLOUD Infrastructure (purchase a subscription) and modify your application.
Setting up access to PropelCLOUD Infrastructure:
Create a PropelCLOUD Infrastructure tenant.
An unique Amazon S3 Compatibility API key is automatically generated for each user in your account. An Amazon S3 Compatibility API key consists of an Access Key/Secret key pair.
Modifying your application:
Configure a new endpoint for the application. For example: namespace.us.propecloud.co
No target region needs to be set. Production and Failover regions are designated during provisioning of your account and are accessed via the one endpoint url.
Configure the application to use the Amazon S3 Compatibility API key.
Ensure that you aren’t using the virtual-hosted style URL, which is not supported.
At this point, you can start accessing Object Storage.
Amazon S3 Compatibility API Requirement
Before you can use the Amazon S3 Compatibility API, you must login to our storage management portal and retrieve your Amazon S3 Compatibility API key.
After you’ve retrieved the necessary key, you can use the Amazon S3 Compatibility API to access Object Storage in PropelCLOUD Infrastructure. For more information, please open a support ticket. https://login.propelcloud.co