Amazon S3 Adapter Configuration
This section will provide you details on how to configure a storage endpoints connection string to utilize the S3 Adapter. Please refer to the StoragePoint Reference Guide for information on managing Storage Endpoints.
Please note that the adapter was upgraded with the release of StoragePoint 5.3 to support the latest protocols. Please upgrade to this version if you are experiencing errors connecting to Amazon storage.
On the Application Management page, click Storage and Backup Endpoints.
Click Create New Endpoint or click the name of an existing storage endpoint that you want to edit.
Click the Show link next to the Advanced Adapter Settings to see the additional fields.
Amazon S3 Adapter Connection String Parameters
|
Setting |
Value/Options | ||
|---|---|---|---|
|
Name |
Enter the unique name of the Storage or Backup Endpoint. | ||
|
Type See Backup Services Settings in the Reference Guide for more information on how Backup Endpoints are used. |
Primary this endpoint will be available for externalization when creating storage profiles. Backup this endpoint will be in the Backup Services dropdown on the profile page. The selection is locked down when saving. | ||
|
Status |
Online Storage Endpoint should be available to associate to a Storage Profile and accept BLOBs. (default) Offline (Read Only) A storage endpoint can be configured, but not made available for externalizing content. The BLOBs already on the endpoint are still read only. | ||
|
|
Select the adapter for the endpoint that is being created. | ||
|
|
The Access Key ID provided by Amazon when you signed up for the S3 service. Required. | ||
|
|
The Secret Access Key provided by Amazon when you signed up for the S3 service. Required. | ||
|
|
The container within your S3 account where content associated with a storage profile will be stored. Bucket names are case sensitive and unique across the entire S3 service namespace. | ||
|
|
(true/false) Determines whether or not the adapter negotiates an SSL connection for all data (and metadata) transfers. Default = True. | ||
|
|
Used to take the URL (optionally including a port) of a simple non-authenticating proxy that will be used when communicating with Amazon services. | ||
|
|
IP or DNS name that represents the access point for the Amazon AWS service. Default = s3.amazonaws.com | ||
|
|
Port used to access the Amazon S3 service. Default = 80 (443 if UseSSL is True) | ||
|
|
(Yes/No) If UseSSL is Yes, the StrictSSL flag controls whether or not the use of "self-issued" or otherwise suspicious certificates on the system will be tolerated. | ||
|
|
Used in AWS4 request signing, this is an optional property; change it only if the region cannot be determined from the service endpoint.
For custom or private clouds or where StoragePoint cannot automatically retrieve the region because of security or permission reasons. | ||
|
|
If supplied, the Amazon adapter will calculate and supply a retention policy when saving content. This only works if S3 Object Lock is enabled. Possible settings: Delete Allowed No special permissions are required to delete content on this endpoint.
Permanent This sets Compliance mode enabled.
Indefinite Sets Compliance mode disabled. Content cannot be deleted, but retention can be changed at a later time.
Date Format This sets a date for the retention policy. Click the calendar icon to select a date, or type it like this example: 08/31/2029
Duration/Interval Type a number in the first box, and select an interval from the dropdown. The interval may be days (D), months (M) or years (Y).
| ||
|
|
Putting a Hold prevents an object version from being overwritten or deleted and remains in effect until removed. Prevent Parts Deletion | ||
|
|
If the endpoint is on a WORM (Write Once, Read Many) device, Unused BLOB Cleanup will ignore this endpoint. | ||
|
|
No Externalized content BLOBs are not placed in folders (default). Yes Externalized content BLOBs are placed in folders. If Folder Content in BLOB Store is Yes then you can select a date/time folder scheme from the dropdown. YYYY/MM/DD/HH/MM is the default. | ||
|
|
The Test Storage Settings button can be used at this point, or after completing the endpoint configuration, to verify that the endpoint is accessible. For some adapters, testing the connection will create the bucket if it doesn't already exist. | ||
|
|
No Externalized content BLOBs are not compressed (default). Yes Externalized content BLOBs are compressed. | ||
|
|
None Encryption will not be applied to externalized BLOBs (default). AES (128 bit) 128 bit AES encryption will be applied to externalized BLOBs. AES (256 bit) 256 bit AES encryption will be applied to externalized BLOBs. | ||
|
|
Enter a passphrase to use when generating the encryption key. Using a passphrase will help you re-create the encryption key if necessary. You can generate a random key by leaving the box blank and clicking the Generate Key button. The encryption key passphrase will be hidden. | ||
|
|
A warning email can be sent if the endpoint encounters errors. | ||
|
|
An online storage endpoint can be automatically taken offline if it encounters errors. If a storage endpoint is taken offline automatically, BLOBs that were intended to be written to that endpoint will go to the content database. | ||
|
|
Default email addresses for system error and offline notification can be entered. Check the box to include the list of Default Notification Contacts specified on the General Settings page. |
Example Storage Endpoint using Amazon S3 Adapter
Click the Show Connection String checkbox to edit the connection string. Otherwise, fill in the connection fields shown for the adapter selected. Notice that the connection string parameters are name/value pairs separated by semi-colons.
|
|
NOTE: Adapter parameters are not case-sensitive. |
|
|
NOTE: You should always use a passphrase when generating encryption keys. The passphrase gives you a means of re-creating keys should they become unrecoverable or corrupt. It is very important to remember or record the passphrase outside of Metalogix StoragePoint. Otherwise, encrypted content could become irretrievable in the event of a database failure. |
If you choose to externalize content you should test the storage profile settings by clicking the Test Storage Settings button. A message under the button will indicate whether or not the test was successful. If the test fails the message will include the error that was the root cause of the failure.
|
|
NOTE: When testing access to an endpoint from within Central Administration, the Identity of the Application Pool hosting the Central Administration Site is the one that is being used for the test. If there are different Identities used for other Web Applications in the Farm then those identities will also need access but cannot be tested from within Central Admin itself. See BLOB Store Security and Metalogix StoragePoint Required Privileges in the Metalogix StoragePoint Reference Guide. |
Appendix: Troubleshooting