In order to use the S3 front-end protocol, first configure Configure the Gateway as described in Gateway Configuration and then perform these additional steps to use the S3 front-end protocol:
Verify the Swarm storage configuration settings are correct, which is required for S3 clients to perform actions such as bucket deletion.
Edit the
gateway.cfgfile for S3 use:In the
[s3]section, enable Enable the S3 front-end protocol .In in the[storage_clusters3]section, define .Define
indexerHostsfor at least one indexer server in the[storage_cluster]section.
Create one or more authentication tokens for each S3 client.
When the S3 front-end protocol is in use, the Gateway must be able to query the Swarm Elasticsearch metadata index servers directly. If you have multiple Include as many as metadata index servers , you can include as many as you wish as needed in the indexerHosts parameter in order to spread the load across them and to provide fail-over in case one becomes unavailable.
The S3 protocol makes use of a shared secret key that is known to the client and the Gateway in order to provide request validation. The client creates an HMAC signature for every authenticated request and the Gateway must independently recreate the signature in order to validate the request. The AWS S3 access key and secret key is implemented with Gateway's token-based authentication.