Endpoint domain names for S3 requests

Before you can use S3 domain names for client requests, a StorageGRID administrator must configure the system to accept connections that use S3 domain names in S3 path-style and S3 virtual hosted-style requests.

About this task

To enable you to use S3 virtual hosted style-requests, a grid administrator must perform the following tasks:
  • Use the Grid Manager to add the S3 endpoint domain names to the StorageGRID system.
  • Ensure that the certificate the client uses for HTTPS connections to StorageGRID is signed for all domain names that the client requires.

    For example, if the endpoint is s3.company.com, the grid administrator must ensure that the certificate used for HTTPS connections includes the s3.company.com endpoint and the endpoint's wildcard Subject Alternative Name (SAN): *.s3.company.com.

  • Configure the DNS server used by the client to include DNS records that match the endpoint domain names, including any required wildcard records.
If the client connects using the Load Balancer service, the certificate that the grid administrator configures is the certificate for the load balancer endpoint that the client uses.
Note: Each load balancer endpoint has its own certificate, and each endpoint can be configured to recognize different endpoint domain names.
If the client connects Storage Nodes or to the CLB service on Gateway Nodes, the certificate that the grid administrator configures is the single custom server certificate used for the grid.
Note: The CLB service is deprecated.
See the instructions for administering StorageGRID for more information.

After these steps have been completed, you can use virtual hosted-style requests (for example, bucket.s3.company.com).