IBM Cloud Object Storage S3 account details
To establish a connection to IBM® Cloud Object Storage S3, you must add an account that defines the account details to connect with. You can define these details by creating a configuration object in the App Connect Dashboard, the Red Hat® OpenShift® web console or CLI, or the Kubernetes CLI.
Account parameters
You can define one or more accounts for IBM Cloud Object Storage S3.
For each account that you require, you can specify a new set of account details in any of the following ways:
- If you are using the App Connect Dashboard, either complete the
Account details fields in the
Create configuration
panel, or specify the account parameters in an accounts.yaml file before importing it into theCreate configuration
panel. For more information, see Accounts type. - If you are using the Red Hat OpenShift web console or CLI, or the Kubernetes CLI, specify the account parameters in an accounts.yaml file, and then use this configuration file to create a configuration object. For more information, see Creating the file for a configuration object of type Accounts.
The set of required and optional Account fields or parameters are listed in the following table.
For information about locating the values for these account parameters, see Locating the values for the account parameters.
Field | Parameter | Values | Condition | Description |
---|---|---|---|---|
Account name |
name |
User defined |
Required |
The name of an IBM Cloud Object Storage S3 account that is used in the exported flow. |
Secret access key |
secretAccessKey |
User defined |
Optional |
The secret access key of the instance. Required if the service instance uses HMAC credentials for authentication. |
Access key ID |
accessKeyId |
User defined |
Optional |
The access key ID of the instance. Required if the service instance uses HMAC credentials for authentication. |
Region |
region |
User defined |
Optional |
The region of the instance. Required if the service instance uses HMAC credentials for authentication. |
IAM API key |
apiKey |
User defined |
Optional |
The API key for the instance. Required if the service instance supports Identity and Access Management (IAM) authentication. |
Resource instance ID |
resourceInstanceId |
User defined |
Optional |
The resource instance ID. Required if the service instance supports IAM authentication. |
Endpoint URL |
endpointUrl |
User defined |
Required |
The Cloud Object Storage service endpoint URL for your location or region. Only public endpoints are supported. |
us-geo
location (such as the Endpoint URL
s3.us.cloud-object-storage.appdomain.cloud
), you can access buckets that are listed
with the same location, us-geo
, on the Buckets page of your
IBM Cloud Object Storage S3 instance. If you want App Connect to access buckets from more than one location, you can create
a separate account for each location.Locating the values for the account parameters
- Log in to IBM Cloud.
- From the IBM Cloud Dashboard, click the Cloud Object Storage service instance that you want to work with.
- To view the endpoint URLs, click Endpoint and select your preferred location or region. Then copy your preferred public endpoint (for example, s3.us.cloud-object-storage.appdomain.cloud) and use it as the value for the Endpoint URL field (or endpointUrl parameter).
- To view the service credentials, click Service credentials, then click
View credentials. (If you want to define new credentials, click New
credential.)
- Copy the
apikey
value and use it as the value for the IAM API key field (or apiKey parameter). - Copy the
resource_instance_id
value and use it as the value for the Resource instance ID field (or resourceInstanceId parameter).
- Copy the
- Log in to IBM Cloud.
- From the IBM Cloud Dashboard, click the Cloud Object Storage service instance that you want to work with.
- To view the endpoint URLs, click Endpoint and select your preferred
location or region.
- Copy your preferred public endpoint (for example, s3.us.cloud-object-storage.appdomain.cloud) and use it as the value for the Endpoint URL field (or endpointUrl parameter).
- Copy your preferred location or region (for example,
ap-geo
) and use it as the value for the Region field (or region parameter).
- To view the service credentials, click Service credentials, then click
View credentials. (If you want to define new credentials, click New
credential, click Advanced options, then select
Include HMAC Credential.)
- Copy the cos_hmac_keys/secret_access_key value and use it as the value for the Secret access key field (or secretAccessKey parameter).
- Copy the cos_hmac_keys/access_key_id value and use it as the value for the Access key ID field (or accessKeyId parameter).
Examples
accounts:
ibmcoss3:
- name: Account 1
credentials:
apiKey: AB1cDEf2GhI3JkLMnoPQrStuv4WX5y6ZaB7c8dEfghiJK
resourceInstanceId: >-
crn:v1:bluemix:public:cloud-object-storage:global:a/bcd123efgh4567ij89k0lm23n4567op8:q90rs1tu-234v-5678-9w01-2x3456789012::
endpoint:
endpointUrl: s3.us.cloud-object-storage.appdomain.cloud
ibmcoss3:
- name: Account 1
credentials:
secretAccessKey: 12a3bcd4567890ef123g4567890hij12k1m3n4567o8901p2
accessKeyId: 1a2dfbc3d45678901ef2g3h45678i90jkl
region: ap-geo
endpoint:
endpointUrl: s3.us.cloud-object-storage.appdomain.cloud