Amazon S3 - Access & Secret Access Keys
Use the following information to add or modify an Amazon S3 cloud storage library with Access & Secret Access Key authentication in the Add / Edit Cloud Storage (General) dialog box in CommCell Console.
Note: Refer to Amazon S3 documentation for additional information on the inputs required in this dialog box.
Access & Secret Access Key - This is the default authentication.
A valid endpoint name for the Amazon S3 region provided by the agency.
s3.[region].amazonaws.com. For example,
To find the region, see https://docs.aws.amazon.com/general/latest/gr/rande.html.
- For Amazon S3 Transfer Acceleration, service host provider name must be provided as
- For Amazon S3 Access Points, service host provider name must be provided as
For more information about Amazon Access Points, see https://docs.aws.amazon.com/AmazonS3/latest/dev/access-points.html.
Select a pre-defined credential from the list.
To define a new credential, click the Add New button from the list. The following information is required.
- Credential Name: An user-defined name for the credential.
- Access Key ID: Access key ID for the account.
- Secret Access Key:Secret Access Key for the account
Click the Detect button to detect an existing bucket.
Note: Sometimes, existing bucket list may not get populated while detecting the buckets, as some vendors may not support this operation, or if there are no permissions to complete the operation. In such cases, type the name of the existing bucket that you want to use. The system will automatically use the existing bucket if it is available.
For Amazon S3 Access Points, enter the bucket/container as follows:
[accesspoint name]-[account id]
The following actions must be enabled for the bucket before configuring the library: (sample json file with these actions.)
CreateBucketpermission is required only when the bucket must be created by the MediaAgent while configuring the cloud storage. (This permission can be skipped if an existing bucket is used for configuring the cloud storage.)
ListAllMyBucketspermissions request is required for the Detect button to work.
- To recall data from Amazon Glacier Glacier/Deep Archive or Combined Tier Storage Classes, make sure that the user associated with the bucket has the
RestoreObjectpermission. For more information on POST Object restore, see https://docs.aws.amazon.com/AmazonS3/latest/API/RESTObjectPOSTrestore.html.
The following storage classes are supported:
- Standard - Infrequent Access
- One Zone - Infrequent Access
- Intelligent - Tiering
- Standard/Glacier (Combined Storage Tiers)
- Standard-IA/Glacier (Combined Storage Tiers)
- One Zone-IA/Glacier (Combined Storage Tiers)
- Intelligent-Tiering/Glacier (Combined Storage Tiers)
- Standard/Deep Archive (Combined Storage Tiers)
- Standard-IA/Deep Archive (Combined Storage Tiers)
- One Zone-IA/Deep Archive (Combined Storage Tiers)
- Intelligent-Tiering/Deep Archive (Combined Storage Tiers)
- Deep Archive
- Reduced Redundancy Storage
Reference https://aws.amazon.com/s3/storage-classes/ for more information.
Amazon S3 - Performance
The performance of S3 reads is better when multiple mount paths are created instead of one single mount path.
Therefore, depending on the estimated Front-End Terabyte (FET) capacity in your environment, create a mount path for every 25 terabyte (TB) of data.
For example if the estimation is 100 TB, then create 4 mount paths.
Note that the same bucket can be used to create the second and subsequent mount paths. A unique base folder will be created for each mount path under the bucket.
In addition, make sure that the Spill and Fill Mount Paths option is enabled in the Library Properties. This setting will help to distribute the objects across different partitions in the bucket, making the retrieval of the objects faster. For more information on this option, see Parameters for Mount Path Usage.
- Migrating Data to Amazon S3 Using Snowball
- Configuring AWS Tape Gateway
- Enabling Server-Side Encryption with Amazon S3-Managed Keys
- Disabling Object Tagging in Amazon S3 Storage
- How is Data Stored and Managed in the Various Amazon S3 Archive Storage Classes
- Amazon S3 Cloud Library Creation Fails or Library Goes Offline with Access Denied Error
Last modified: 5/11/2021 10:39:01 AM