Cloud Accounts

Last modified

This option located under the ‘Configure’ menu ‘allows you to configure how your appliance interacts with the cloud storage service providers that you wish to use.

 

 

A cloud account associates a set of security material (including access key, secret key, encryption key, and in certain cases, a certificate) with a cloud storage service provider.  When a cloud account has been configured, volumes can be created that are associated with that cloud account and then assigned to initiators.  The cloud accounts page is shown below.

 

CloudAccounts1.png

 

The tabular list shows all of the cloud accounts that have been configured, who the cloud storage service provider is, whether or not volumes are associated with the cloud account (as indicated by the ‘In Use’ column), and whether or not AES data-at-rest encryption has been enabled for the cloud account. 

The button labeled ‘Restore Backup Registry’ is to restore the list of Cloud Clones from the configured cloud storage service providers and should only be used in device recovery cases and under the guidance of StorSimple support.

This page will discuss the following functions related to 'Cloud Accounts' -

Back to Top

Creating a Cloud Account

To create a cloud account, click the ‘Create Cloud Account’ icon at the bottom of the cloud accounts list view.  The cloud account properties page will appear as shown below. In this dialog the user can specify:

 

CloudAccounts2.png

 

  • Name - First, provide a name for your cloud account in the text box next to ‘Name’.  This name is used only for description purposes and should be unique. 

 

  • Provider- Select the cloud storage service provider from the drop-down list next to ‘Provider’.  The appliance currently supports configuration of up to 16 cloud accounts, which can be from the following providers:

 

Provider

URL

Amazon Simple Storage Service

http://aws.amazon.com/s3/

Microsoft Azure Storage Service

http://www.microsoft.com/windowsazure/

AT&T Synaptic Storage as a Service

http://www.business.att.com/enterprise/Family/application-hosting-enterprise/storage-as-a-service-enterprise/

EMC Atmos

http://www.emc.com/products/detail/software/atmos.htm

Zetta Storage Service

http://www.zetta.net

 

  • Account Name and Secret Key – The fields presented are different depending upon the cloud provider selected. When configuring a private cloud storage service or a service where the provider gives you an access hostname to use (such as EMC Atmos or Zetta) a ‘Host Name’ field will be presented.  The fully-qualified domain name (FQDN), i.e. the hostname, or the private cloud storage service should be added into this field.With a name and a cloud provider selected, add your access material as supplied by your cloud storage service provider into those fields. 

 

  • Enable Monitoring – This box is checked by default for every cloud account that is created. Checking this option configures the appliance to record detailed statistics for this cloud account, allowing you to filter reporting charts to this specific cloud account.  If you uncheck this box, statistics from this cloud account will be summarized in the global statistics, but you will not be able to filter reporting charts down to this specific cloud account. 

 

Note.pngNote: You can enable monitoring on up to a maximum of 30 objects, where an object is either a cloud account or a volume.

 

  • Enable Rate Limiting and Max. Throughput- If you wish to limit the amount of WAN bandwidth consumed by the appliance for operations involving the cloud, check the box next to ‘Enable Rate Limiting’, and supply a numerical integer value ranging from 1 to 1000 in the box labeled ‘Max Throughput’.  This value defines the maximum bandwidth (in megabits per sec) available for a cloud account for data transfer.

 

Click the ‘Security’ tab to continue.   In this view, the user can specify:

 

CloudAccounts3.png

 

  • Data-at-Rest Encryption (AES)– By default, this option is checked. This allows the appliance to encrypt data prior to storage on the cloud storage service.

 

  • Data-at-Rest (AES) Encryption Key –Supply the key material to be used when encrypting data that is written to this cloud storage account.  If you supply a well-formed 256-bit encryption key in hexadecimal format, the key will be used as is.  If you do not have a key in the right format, supply a passphrase, and the appliance will generate an encryption key from this passphrase. Encryption keys cannot be changed once applied.  If you do not wish to use encryption, uncheck the checkbox next to ‘Data-at-Rest Encryption (AES)’.

 

Note.pngNote: Encryption keys or passphrases can be up to 96 characters in length.

 

Click the ‘General’ tab, and then click the Verify button.  Your appliance will attempt to communicate with your cloud storage service provider, and authenticate using the credentials and access material you have supplied.  An example of successful verification is shown below.

 

CloudAccounts4.png

 

Notice the “Verified” next to the ‘Access Key’ and ‘Secret Key’ fields.  This indicates that your appliance was able to communicate with your cloud storage service provider.  Should verification fail, an error message will appear in its place.  Error messages include:

 

  • Access Forbidden– this error means that either your access key or secret key are incorrect, or your account with your cloud storage service is not active.

  • Invalid Hostname – this error message will only be displayed when your appliance is unable to resolve the hostname for a cloud storage provider.

  • Invalid Credentials – this error means that the access key or secret key material you supplied was invalid and should be checked using the tools supplied by your cloud storage service provider.

 

Once you have verified your cloud storage service account, click the ‘Save’ button to save the cloud account.  You can only save a cloud account once it has been verified.

Back to Top

Verifying a Cloud Account

To verify a cloud account, click the ‘Edit’ icon  to the left of the cloud account name to open the cloud account properties page. Click the ‘General’ tab, and then click the ‘Verify’ button.  Your appliance will attempt to communicate with your cloud storage service provider, and authenticate using the credentials and access material you have supplied.  An example of successful verification is shown above.  The previous section documents the list of responses that may be encountered when attempting to verify a cloud account.

Back to Top

Editing a Cloud Account

To edit a cloud account, click the ‘Edit’ icon  to the left of the cloud account name to open the cloud account properties page.  If you make any changes, be sure to click ‘Save’ to save those changes.  The appliance will verify the cloud account should any changes be made, and the cloud account will not be able to be saved until it can be verified.

 

The following items cannot be changed once a cloud account is created:

  • Provider
  • Data-at-Rest (AES) Encryption Key

Back to Top

Deleting a Cloud Account

To delete a cloud account, first look in the tabular list of cloud accounts to see if a cloud account is in use by any volumes.  Notice the presence or lack of the check icon  in the following diagram.

 

 CloudAccounts5.png

 

If the checkmark is present, it means that a cloud account is used by volumes on the system, and thus cannot be deleted.  If the checkmark is not present, it means that a cloud account is not being used by any system volumes and can be deleted. 

 

Before attempting to delete a cloud account that is in use, first delete any volumes associated with that cloud account, as in use cloud accounts cannot be deleted.  Only cloud accounts that are not in use can be deleted.  When attempting to delete a cloud account, if the cloud account is in use, your appliance will notify you in a pop-up that the cloud account cannot be deleted.  If the cloud account is not in use, your appliance will prompt you for confirmation that you wish to delete the cloud account.

Back to Top

Related

Page statistics
1213 view(s) and 6 edit(s)
Social share
Share this page?

Tags

This page has no custom tags.
This page has no classifications.

Comments

You must to post a comment.

Attachments