Networking and ports for platform services

If you allow an S3 tenant to use platform services, you must configure networking for the grid to ensure that platform services messages can be delivered to their destinations.

You can enable platform services for an S3 tenant account when you create or update the tenant account. If platform services are enabled, the tenant can create endpoints that serve as a destination for CloudMirror replication, event notifications, or search integration messages from its S3 buckets. These platform services messages are sent from Storage Nodes that run the ADC service to the destination endpoints.

For example, tenants might configure the following types of destination endpoints:
  • A locally hosted Elasticsearch cluster
  • A local application that supports receiving Simple Notification Service (SNS) messages
  • A locally hosted S3 bucket on the same or another instance of StorageGRID Webscale
  • An external endpoint, such as an endpoint on Amazon Web Services

To ensure that platform services messages can be delivered, you must configure the network or networks containing the ADC Storage Nodes so that these Storage Nodes can send platform services messages to the destination endpoints on the required ports.

By default, platform services messages are sent on the following ports:

  • 80: For endpoint URIs that begin with http
  • 443: For endpoint URIs that begin with https

Tenants can specify a different port when they create or edit an endpoint.

Note: If a StorageGRID Webscale deployment is used as the destination for CloudMirror replication, replication messages are received by an API Gateway Node on port 8082. Ensure that this port is accessible through your enterprise network.
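The following added example (not part of the StorageGRID Webscale documentation or product) derives the outbound host and port pairs that the network containing the ADC Storage Nodes must allow, applying the default ports above unless the endpoint URI specifies a port. The endpoint URIs and host names are constructed samples, and the function names are hypothetical.

```python
import socket
from urllib.parse import urlsplit

# Default ports stated on this page for platform services messages.
DEFAULT_PORTS = {"http": 80, "https": 443}

def egress_rule(uri):
    """Return (host, port, encrypted) for one endpoint URI."""
    parts = urlsplit(uri.strip())
    scheme = parts.scheme.lower()
    if scheme not in DEFAULT_PORTS:
        raise ValueError(f"unsupported endpoint scheme in {uri!r}")
    if not parts.hostname:
        raise ValueError(f"no host in {uri!r}")
    # A port given in the URI overrides the scheme default.
    port = parts.port if parts.port is not None else DEFAULT_PORTS[scheme]
    return parts.hostname, port, scheme == "https"

def egress_allow_list(uris):
    """Deduplicate endpoint URIs into sorted (host, port, encrypted) rules."""
    return sorted({egress_rule(u) for u in uris})

def reachable(host, port, timeout=3.0):
    """TCP connect test; run it from a host on the ADC Storage Nodes' network."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

# Constructed sample endpoint URIs (hypothetical hosts, not from the page).
SAMPLE_ENDPOINTS = [
    "https://search.example.internal:9200/index",     # Elasticsearch, custom port
    "http://sns-app.example.internal/topic",          # default port 80
    "https://grid2-gw.example.internal:8082/bucket",  # API Gateway Node port
    "https://s3.example.com/bucket",                  # default port 443
    "HTTPS://S3.example.com/other",                   # duplicate destination
    "http://[2001:db8::10]:8080/notify",              # IPv6 literal, custom port
]

if __name__ == "__main__":
    for host, port, encrypted in egress_allow_list(SAMPLE_ENDPOINTS):
        note = "" if encrypted else "  (cleartext http)"
        print(f"allow tcp from ADC Storage Nodes to {host}:{port}{note}")
```

After the firewall change, calling reachable(host, port) for each rule from a host on the same network as the ADC Storage Nodes confirms that the port is open end to end.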

If you use a non-transparent proxy server, you must also configure platform services settings to allow messages to be sent to external endpoints, such as an endpoint on the internet.