storage aggregate object-store config create


Define the configuration for an object store

Availability: This command is available to cluster administrators at the admin privilege level.


The storage aggregate object-store config create command is used by a cluster administrator to tell Data ONTAP how to connect to an object store. Following pre-requisites must be met before creating an object store configuration in Data ONTAP.

  • A valid data bucket or container must be created with the object store provider. This assumes that the user has valid account credentials with the object store provider to access the data bucket.

  • The Data ONTAP node must be able to connect to the object store. This includes

  • Fast, reliable connectivity to the object store.

  • An inter-cluster LIF (Logical Interface) must be configured on the cluster. Data ONTAP will verify connectivity prior to saving this configuration information.

  • If SSL/TLS authentication is required, then valid certificates must be installed.

  • FabricPool license (required for Amazon S3 object store).

An object-store configuration once created must not be reassociated with a different object-store or container. See storage aggregate object-store config modify command for more information. If no secret password or access key is provided while setting up a configuration for AWS_S3 object store, Data ONTAP will try to obtain them through Data ONTAP Cloud in AWS using the AWS Identity and Access Management (IAM) role. If Data ONTAP is unable to create a object store configuration, then the command will fail explaining the reason for failure.


-object-store-name <text> - Object Store Configuration Name

This parameter specifies the name that will be used to identify the object store configuration. The name can contain the following characters: "", "-", A-Z, a-z, and 0-9. The first character must be one of the following: "", A-Z, or a-z.

-provider-type <providerType> - Type of the Object Store Provider

This parameter specifies the type of object store provider that will be attached to the aggregate. Valid options are: AWS_S3 (Amazon S3 storage) and SGWS (StorageGrid WebScale).

-server <Remote InetAddress> - Fully Qualified Domain Name of the Object Store Server

This parameter specifies the Fully Qualified Domain Name (FQDN) of the remote object store server. For Amazon S3, server name must be an AWS regional endpoint in the format or s3-<region>, for example, The region of the server and the bucket must match. For more information on AWS regions, refer to 'Amazon documentation on AWS regions and endpoints'.

[-ssl-enabled {true|false}] - SSL/HTTPS Enabled?

This parameter indicates whether secured connection will be used during data access to the object store. Default: False. Use of SSL certificates is one such method to ensure secure communication.

[-port <integer>] - Port Number of the Object Store

This parameter specifies the port number on the remote server that Data ONTAP will use while establishing connection to the object store.

-container-name <text> - Data Bucket/Container Name Used in S3 Requests

This parameter specifies the data bucket or container that Data ONTAP should read and write to.

[-access-key <text>] - Access Key

This parameter specifies the access key (access key ID) required to authorize requests to the object store.

[-secret-password <text>] - Secret Password

This parameter specifies the password (secret access key) to authenticate requests to the object store.

[-ipspace <IPspace>] - IPspace to Use in Order to Reach the Object Store

This optional parameter specifies the ipspace to use to connect to the object store. Default value: Default

[-use-iam-role {true|false}] - Use IAM Role for AWS ONTAP Cloud

This parameter specifies whether IAM credentials must be used for data access from AWS_S3 object store. This parameter is required only when setting up a AWS_S3 object store configuration in Data ONTAP. The IAM credentials required for setting up this configuration will obtained through Data ONTAP Cloud in AWS. This option is available only through ONTAPI.


The following example creates a object store configuration in Data ONTAP:

cluster1::>storage aggregate object-store config create -object-store-name my-aws_store
           -provider-type AWS_S3 -server -port 1237 -s3-name AWS-bucket
           -ssl-enabled false -ipspace Default