Cloud Tiering technical FAQ Edit on GitHub Request doc changes

Contributors netapp-bcammett

This FAQ can help if you’re just looking for a quick answer to a question.


The following questions relate to ONTAP.

What are the requirements for my ONTAP cluster?

Refer to the following:

Does Cloud Tiering enable inactive data reporting?

Yes, Cloud Tiering enables inactive data reporting on each aggregate. This setting enables us to identify the amount of inactive data that can be tiered to low-cost object storage.

Object storage

The following questions relate to object storage.

Which object storage providers are supported?

AWS S3 and Azure Blob storage are supported. Support for additional object storage providers will be added later.

Which regions are supported?

Which S3 storage classes are supported?

Cloud Tiering supports data tiering to Standard or Standard-Infrequent Access. See Supported S3 storage classes for more details.

Which Azure Blob access tiers are supported?

Cloud Tiering automatically uses the Hot access tier for your inactive data. We plan to add support for the Cool access tier in a future release.

Does Cloud Tiering create one object store for the entire cluster or one per aggregate?

One object store for the entire cluster.

Can I apply policies to my object store to move data around independent of tiering?

No, Cloud Tiering does not support object lifecycle management rules that move or delete data from object stores.

NetApp Service Connector

The following questions relate to the NetApp Service Connector.

What is the Service Connector?

The Service Connector is NetApp software that communicates with ONTAP clusters to discover information about active and inactive data, and to set up data tiering. For more details, see How Cloud Tiering works.

Where can I run the Service Connector?

  • When tiering cold data to S3, the Service Connector can reside in an AWS VPC or on your premises.

  • When tiering cold data to Blob storage, the Service Connector must reside in an Azure VNet.

How do you name the instance/virtual machine for the Service Connector?

The name of the Service Connector is prefixed with "Service-connector."


The following questions relate to networking.

What are the networking requirements?

  • The ONTAP cluster initiates an HTTPS connection over port 443 to your object storage provider.

    ONTAP reads and writes data to and from object storage. The object storage never initiates, it just responds.

  • The NetApp Service Connector needs an outbound HTTPS connection over port 443 to your ONTAP clusters, to the object store, and to the Cloud Tiering service.

For more details, see:


The following questions relate to permissions.

What permissions are required in AWS?

Permissions are needed to install the Service Connector:

A different set of permissions are required to manage the S3 bucket.

What permissions are required in Azure?

During deployment, Cloud Tiering creates and assigns a role to the Service Connector that provides the required permissions so ONTAP can tier inactive data to Azure Blob storage.