Access to the S3

You can access the S3 Object Storage with just one click on the corresponding item in the Menu Bar of the DCD. This opens the Object Storage Management Console, a graphical user interface with which you can manage your S3 objects.

Contract owners and administrators can use this function immediately and activate it for other users.

End points

The S3 Object Storage is not only available in the DCD, but also externally through its API with the following end points:

For the full documentation of our APIs, please refer to the DevOpsCentral.

Enabling the use of object storage

You must have an active Object Storage Key and a corresponding permission to use the IONOS S3 Object Storage. Contract owners and administrators can grant (and remove) this permission to groups in the User Manager.

For each user an Object Storage Key is generated automatically, which is activated when you are granted permission to use the IONOS S3 Object Storage.

Contract owners and administrators have access to the IONOS S3 Object Storage by default.

Prerequisites

  • You are logged on to the DCD. (?)​

  • You are the contract owner or an administrator. (?)​

How to enable the use of object storage

  • Create a new group. (?)​

    • or -

  • Open an existing group.

    Menu Bar > Resource Manager > User Manager > Groups

  • Grant permission:

    • In the Privileges tab, activate the Use Object Storage check box.

    • In the Members tab, add users to the group that you wish to authorize for the use of the object storage.

    The Object Storage Keys of each user is activated together with the authorization. All members of the authorized group can now access the IONOS S3 Object Storage using the corresponding button in the Menu Bar of the DCD.

  • Remove permission:

    • Remove user(s) from the group with the privilege in question.

      • or -

    • Deactivate the check box of the privilege for the group.

    The privilege is no longer available to the selected users.

Open the object storage management console

In order to log on to your IONOS S3 Object Storage by means of a GUI, you can use the Object Storage Management Console, which allows you to manage your objects and buckets.

When you log on to the IONOS S3 Object Storage using the DCD, the DCD manages authentication and authorization so that you can access the object storage with just one click.

Every user is the bucket owner of their own IONOS S3 Object Storage and has full access to its content.

It is not possible to use the Object Storage Management Console to access public buckets or content shared with you by users of other S3 systems. We recommend using suitable S3 clients not only for accessing this type of content, but also for uploading very large files, as the size of individual files that can be uploaded to the IONOS S3 Object Storage is limited to 5 GB. The Object Storage Management Console can only be opened using the DCD and is available in English only.

Depending on their role, users can:

Open your own object storage management console

Prerequisites

  • You are logged on to the DCD. (?)​

  • You are the contract owner or an administrator. (?)​

    • or -

  • You have the permission "Create Object Storage". (?)​

  • You have an active Object-Storage-Key. (?)

  • Your browser allows pop-ups.

How to open your own object storage management console

  • In the Menu Bar of the DCD, click on Object Storage.

    You are now logged on to the selected IONOS S3 Object Storage as the bucket owner.

    The bucket overview of the Object Storage Management Console is displayed in a new window so that you can continue to work on your VDC in the DCD.

  • To log off, click on Sign Out.

Open the object storage management console of another user

Contract owners and administrators can use this functionality to access content stored in the IONOS S3 Object Storage accounts of users who are no longer active members of their contract.

Before you delete a user or all of their Object Storage Keys from your account, please ensure that the content in their S3 Object Storage is accessible so that you can continue to use it or delete it by adjusting the access rights accordingly.

Content set to "private" that has not been removed before the user or all of their Object Storage Keys have been deleted is no longer accessible, but will continued to be charged. In this case, please contact the IONOS enterprise support team.

Prerequisites

  • You are the contract owner or an administrator. (?)​

  • You are logged on to the DCD. (?)​

  • Your browser allows pop-ups.

  • The user has at least one active Object Storage Key. (?)

How to open the object storage manager of another user

  • Open the User Manager. Menu Bar > Resource Manager > User Manager

  • Select the required user.

  • In the Object Storage Keys tab, click on Manage.

    You are now logged on as the bucket owner of the selected IONOS S3 Object Storage.

  • To log off, click on Sign Out.

Managing object storage keys

Logging on to an object storage requires a key ("Object Storage Key") as part of the authentication process. This Object Storage Key consists of key and secret.

For each user an Object Storage Key is generated automatically, which is activated when the user is granted permission to use the S3 Object Storage.

A maximum of five Object Storage Keys may be created per user.

Managing Object Storage Keys includes the following actions:

Generate

A bucket owner can have multiple Object Storage Keys, which can be given to other users or automated scripts. Users using such an additional Object Storage Key to access the S3 Object Storage automatically inherit credentials and access rights of the bucket owner. This can be useful for allowing users automated (scripted) or temporary access to an object storage. When the automated or temporary use is over, the additional Object Storage Key can be deactivated.

Activate/deactivate

Deactivating an Object Storage Key will block access to the S3 Object Storage. A deactivated key can be reactivated and access restored.

Delete

If a key is no longer needed or if it should no longer be possible to gain access to the S3 Object Storage with this key, it can be deleted. This cannot be undone.

Before you delete a user or all of their Object Storage Keys from your account, please ensure that the content in their S3 Object Storage is accessible so that you can continue to use it or delete it by adjusting the access rights accordingly.

Content set to "private" that has not been removed before the user or all of their Object Storage Keys have been deleted is no longer accessible, but will continued to be charged. In this case, please contact the IONOS enterprise support team.​

Depending on their role, users can:

Managing your own object storage keys

All users can manage their own Object Storage Keys.

Prerequisites

  • You are logged on to the DCD. (?)​

  • You are the contract owner or an administrator. (?)​

    • or -

  • You have the permission "Create Object Storage". (?)​

How to manage your own object storage keys

  • Open the Account Management.

    Menu Bar > [Your user name]

  • Generate a key

    • Click on Generate Key:

    • Confirm the action by clicking OK.

      An active Object Storage Key is generated, which can be used for connecting to the IONOS S3 Object Storage of the user.

      β„Ή You can copy Key and Secret from the respective fields to sign in to other object storage applications.

  • Activate or deactivate a key

    • Select the required Object Storage Key.

    • Activate:

      • Select the Active check box.

    • Deactivate:

      • Deactivate the Active check box.

    • Click on Save.

      The key and with it access to the IONOS S3 Object Storage is activated or deactivated. If there is no active Object Storage Key, the Object Storage menu item is not displayed in the Menu Bar of the DCD.

  • Delete a key

    • Select the required key.

    • In the Object Storage Keys tab, click on Delete Key.

      The selected key is deleted and can no longer be used for connecting to the IONOS S3 Object Storage. The key cannot be restored.

Managing the object storage keys of other users

Contract owners and administrators can manage the Object Storage Keys of other users.

Prerequisites

  • You are logged on to the DCD. (?)​

  • You are the contract owner or an administrator. (?)​

How to manage the object storage keys of other users

  • Open the User Manager.

    Menu Bar > Resource Manager > User Manager

  • Select the required user.

  • Generate a key

    • In the Object Storage Keys tab, click on Generate Key.

    • Confirm the action by clicking OK.

      An active Object Storage Key is generated, which can be used to connect to the IONOS S3 Object Storage of the user.

  • Activate or deactivate a key

    • Select the required key.

    • Activate:

      • Activate the Active check box.

    • Deactivate:

      • Deactivate the Active check box.

    • Click on Save.

      The key and with it access to the IONOS S3 Object Storage is activated or deactivated. If there is no active Object Storage Key, the Object Storage menu item is not displayed in the Menu Bar of the DCD.

  • Delete a key

    • In the Object Storage Keys tab, select the required key.

    • Click on Delete Key.

      The selected key is deleted and can no longer be used for connecting to the IONOS S3 Object Storage. The key cannot be restored.

Retrieving S3 IDs

Depending on the selected S3 client, you have various options for sharing buckets, objects, or object versions with users of an S3 Object Storage. In addition to roles and predefined profiles, you can share the content of your buckets with selected users by using their S3 ID (so called "ACL Sharing" or "S3 Sharing").

These S3 IDs are:

Contract-user-ID

The contract-user-ID consists of contract number and user ID (contract number|User UUID). In the Object Storage Management Console, this ID can be used for the sharing of objects with selected users of the entire IONOS S3 Object Storage (not limited to users of your own account).

S3 Canonical-user-ID

Die Canonical-User-ID ist die vom IONOS-S3-Object-Storage fΓΌr einen Benutzer verwendete ID.

Email address

Some S3 clients only require the e-mail address of a registered S3 user for sharing objects as they are capable of converting the e-mail address to the ID required by an object storage.

S3 clients that support the "Display Name" feature will display the e-mail address instead of the ID of a user for better readability.

Depending on their role, users can:

Retrieve your own S3 ID

In order for another user to share the content of their IONOS S3 Object Storage with you, they need your S3 ID, which you will find in the Object Storage Key Manager.

Prerequisites

  • You are logged on to the DCD. (?)​

  • You are the contract owner or an administrator. (?)​

    • or -

  • You have the permission "Create Object Storage". (?)​

How to retrieve you own S3 ID

  • Open the Object Storage Key Manager.

    Menu Bar > Resource Manager > Object Storage Key Manager

  • Open the S3 Sharings drop-down menu.

    The S3 IDs are displayed

You can now copy the required ID and tell the user who wants to share the content of their object storage with you.

Retrieve the S3 IDs of other users

If you want to share the content of your IONOS S3 Object Storage with other users, you need their S3 ID. Contract owners and administrators can retrieve the S3 IDs of their IONOS account users in the User Manager.

Prerequisites

  • You are logged on to the DCD. (?)​

  • You are the contract owner or an administrator. (?)​

How to retrieve the S3 IDs of other users

  • Open the User Manager.

    Menu Bar > Resource Manager > User Manager

  • In the Users tab, select the required user.

  • In the Object Storage Keys tab, open the S3 Sharings drop-down menu.

    The S3 IDs are displayed

You can now copy the required ID and use it for sharing your objects with this user.