You must create at least one endpoint of the correct type before you can enable a platform service.
Before you begin
You must be signed in to the Tenant Manager using a supported browser.
Platform services have been enabled for your tenant account by a StorageGRID grid administrator.
You belong to a user group that has the Manage Endpoints permission.
The resource referenced by the endpoint has already been created:
CloudMirror replication: S3 bucket
Event notification: SNS topic
Search integration: Elasticsearch index
Note: You must create the Elasticsearch index before you create the endpoint. Endpoint validation is done using the Elasticsearch index. The type will be dynamically created when object metadata is first sent to the destination.
You have the information needed to create the endpoint, including the endpoint's Uniform Resource Identifier (URI) and Unique Resource Name (URN); the access key ID and the secret access key for the destination service, if required; and the security certificate that will be used to validate TLS connections to the endpoint.
Steps
Select S3 > Endpoints.
The Endpoints page opens and shows the list of endpoints that have already been configured.
Click Create to create a new endpoint.
Enter the following information:
Field
Description
Display Name
A name that briefly describes the endpoint and its purpose.
The type of platform service that the endpoint supports is shown beside the endpoint name when it is listed on the Endpoints page, so you do not need to include that information in the name.
URI
The Unique Resource Identifier (URI) of the endpoint.
Specify the endpoint URI in one of the following formats:
https://host:port
http://host:port
If you do not specify a port, port 443 is used for HTTPS URIs and port 80 is used for HTTP URIs.
For example, an endpoint for a bucket hosted on StorageGRID might have a URI of the form https://api-gateway-node.storagegrid.example.com:8082, while the URI for a bucket hosted on AWS might be https://s3-aws-region.amazonaws.com
URN
See "Specifying the URN for an endpoint."
You cannot change this value after the endpoint is saved.
Access Key ID
Optionally, the Access Key ID for the destination service, formatted as an AWS access key.
For anonymous access to the destination, omit both the Access Key ID and the Secret Access Key.
Secret Access Key
If you specified an Access Key ID, the Secret Access Key for the destination service, formatted as an AWS secret access key.
A Secret Access Key is required when you specify an Access Key ID.
Certificate Validation
The method used to validate the certificate for TLS connections
to the endpoint resource:
Do not verify certificate: The certificate used for the TLS connection is not verified.
Use custom CA certificate: Use a custom security certificate.
If you select this setting, copy and paste the custom security
certificate in the CA
Certificate text box.
Use operating system CA certificate: Use the default CA certificate installed on the operating system to
secure connections.
Click Save.
When you save an endpoint, StorageGRID validates that the endpoint that you configured exists and that it can be reached using the credentials that you specified.
If endpoint validation fails, you receive an error message that explains why endpoint validation failed. Resolve the issue, then try creating the endpoint again.
Note: Endpoint creation fails if platform services are not enabled for your tenant account. Contact your StorageGRID grid administrator.
If you need to test an existing endpoint, select the endpoint, and click Test.
A success message appears if the endpoint can be reached using the specified credentials. The connection to the endpoint is validated from one node at each site.
An error message appears if endpoint validation fails. If you need to modify the endpoint to correct the error, select it, click Edit, and update the information. Then, click Save to validate your changes.
Note: You cannot change an endpoint's URN after the endpoint has been created.
After you finish
After you have configured an endpoint, you can use its URN to configure a platform service.