Working with S3 buckets on a Snowball Edge device
You can create Amazon S3 buckets on your Snowball Edge devices to store and
retrieve objects on premises for applications that require local data access, local data
processing, and data residency. Amazon S3 compatible storage on Snow Family devices provides a new storage class, SNOW,
which uses the Amazon S3 APIs, and is designed to store data durably and
redundantly across multiple Snowball Edge devices. You can use the same APIs and
features on Snowball Edge buckets that you do on Amazon S3, including bucket lifecycle policies,
encryption, and tagging.
Using the AWS CLI
Note
You must use the latest AWS CLI to work with Amazon S3 compatible storage on Snow Family devices. Install or upgrade to the latest version. For more information, see Installing, updating, and uninstalling the AWS CLI.
Follow these instructions to work with Amazon S3 buckets on your device using the AWS CLI.
To set up the AWS CLI
-
Create a profile for object endpoints in
~/.aws/config.[profileyour-profile] aws_access_key_id =your-access-idaws_secret_access_key =your-access-keyregion = snow ca_bundle = dev/apps/ca-certs/your-ca_bundle -
Obtain a certificate from your device. For information, see the Snowball Edge Developer Guide.
-
If you installed the SDK in a virtual environment, activate it using the following command:
sourceyour-virtual-environment-name/bin/activate
After you set up your operations, you can access them using API calls with the
AWS CLI. In the following examples, cert
Accessing object operations
aws s3api --profile your-profile list-objects-v2 --endpoint-url https://s3api-endpoint-ip
Accessing bucket operations
aws s3control --profile your-profile list-regional-buckets
--account-id bucket-owner --endpoint-url https://s3ctrlapi-endpoint-ip
Using the Java SDK
Use the following example to work with Amazon S3 objects using the Java SDK.
import software.amazon.awssdk.services.s3.S3Client; import software.amazon.awssdk.auth.credentials.AwsBasicCredentials; import software.amazon.awssdk.auth.credentials.StaticCredentialsProvider; import software.amazon.awssdk.http.SdkHttpClient; import software.amazon.awssdk.http.apache.ApacheHttpClient; import software.amazon.awssdk.regions.Region; import java.net.URI; AwsBasicCredentials creds = AwsBasicCredentials.create(accessKey, secretKey); // set creds by getting Access Key and Secret Key from snowball edge SdkHttpClient httpClient = ApacheHttpClient.builder().tlsTrustManagersProvider(trustManagersProvider).build(); // set trust managers provider with client certificate from snowball edge String s3SnowEndpoint = "10.0.0.0"; // set s3-snow object api endpoint from describe service S3Client s3Client = S3Client.builder().httpClient(httpClient).region(Region.of("snow")).endpointOverride(new URI(s3SnowEndpoint)).credentialsProvider(StaticCredentialsProvider.create(creds)).build();
Bucket ARN format
You can use the Amazon Resource Name (ARN) format listed here to identify an Amazon S3 bucket on a Snowball Edge device:
arn:partition:s3:snow:account-id:device/device-id/bucket/bucket-name
Where partition is the Region where you ordered your
Snowball Edge device. device-id is the job_id if the device is a standalone
Snowball Edge device, or the cluster_id if you have a Snowball Edge
cluster.
Creating an S3 bucket on a Snowball Edge device
You can create Amazon S3 buckets on your Snowball Edge device to store and retrieve
objects at the edge for applications that require local data access, local data
processing, and data residency. Amazon S3 compatible storage on Snow Family devices provides a new storage class,
SNOW, which uses Amazon S3 and is designed to store data durably and
redundantly across multiple devices . You can use the same APIs and features as you do
on Amazon S3 buckets, including bucket lifecycle policies, encryption, and tagging.
The following example creates an Amazon S3 bucket for a Snowball Edge device using the AWS CLI. To run this command, replace the user input placeholders with your own information.
aws s3control --profileyour-profilecreate-bucket --bucketyour-snow-bucket--endpoint-url https://s3ctrlapi-endpoint-ip
Creating and managing an object lifecycle configuration using the AWS CLI
You can use Amazon S3 Lifecycle to optimize storage capacity for Amazon S3 compatible storage on Snow Family devices. You can create lifecycle rules to expire objects as they age or are replaced by newer versions. You can create, enable, disable, or delete a lifecycle rule. For more information about Amazon S3 Lifecycle, see Managing your storage lifecycle.
Note
The AWS account that creates the bucket owns it and is the only one that can create, enable, disable, or delete a lifecycle rule.
To create and manage a lifecycle configuration for an Amazon S3 compatible storage on Snow Family devices bucket using the AWS Command Line Interface (AWS CLI), see the following examples.
PUT a lifecycle configuration on a Snowball Edge bucket
The following AWS CLI example puts a lifecycle configuration policy on a Snowball Edge bucket.
This policy specifies that all objects that have the flagged prefix (myprefix) and tags expire after 10 days. To use this example, replace each user input placeholder with your own information.
First, save the lifecycle configuration policy to a JSON file. For this example,
the file is named lifecycle-example.json.
{ "Rules": [{ "ID": "id-1", "Filter": { "And": { "Prefix": "myprefix", "Tags": [{ "Value": "mytagvalue1", "Key": "mytagkey1" }, { "Value": "mytagvalue2", "Key": "mytagkey2" } ], } }, "Status": "Enabled", "Expiration": { "Days": 10 } }] }
After you save the file, submit the JSON file as part of the
put-bucket-lifecycle-configuration command. To use this command,
replace each user input placeholder with your own information.
aws s3control put-bucket-lifecycle-configuration --bucketexample-snow-bucket--profileyour-profile--lifecycle-configuration file://lifecycle-example.json--endpoint-url https://s3ctrlapi-endpoint-ip
For more information about this command, see put-bucket-lifecycle-configuration
Working with Amazon S3 compatible storage on Snow Family devices buckets
With Amazon S3 compatible storage on Snow Family devices, you can create Amazon S3 buckets on your Snowball Edge devices to store and
retrieve objects on premises for applications that require local data access, local data
processing, and data residency. Amazon S3 compatible storage on Snow Family devices provides a new storage class, SNOW,
which uses the Amazon S3 APIs, and is designed to store data durably and
redundantly across multiple Snowball Edge devices. You can use the same APIs and
features on Snowball Edge buckets that you do on Amazon S3, including bucket lifecycle policies,
encryption, and tagging. You can use Amazon S3 compatible storage on Snow Family devices using the
AWS Command Line Interface (AWS CLI) or AWS SDKs.
Determine whether you can access an Amazon S3 compatible storage on Snow Family devices bucket
The following example uses the head-bucket command to determine if an
Amazon S3 bucket exists and you have permissions to access it using the AWS CLI. To use this
command, replace each user input placeholder with your own information.
aws s3api head-bucket --bucketsample-bucket--profileyour-profile--endpoint-url https://s3api-endpoint-ip
Retrieve a list of buckets
The following example lists Amazon S3 compatible storage on Snow Family devices buckets using the AWS CLI. To use this command, replace each user input placeholder with your own information.
aws s3control list-regional-buckets --account-id123456789012--profileyour-profile--endpoint-url https://s3ctrlapi-endpoint-ip
For more information about this command, see list-regional-buckets
The following SDK for Java example gets a list of buckets on Snowball Edge devices. For more information, see ListRegionalBuckets in the Amazon Simple Storage Service API Reference.
import com.amazonaws.services.s3control.model.*; public void listRegionalBuckets() { ListRegionalBucketsRequest reqListBuckets = new ListRegionalBucketsRequest() .withAccountId(AccountId) ListRegionalBucketsResult respListBuckets = s3ControlClient.listRegionalBuckets(reqListBuckets); System.out.printf("ListRegionalBuckets Response: %s%n", respListBuckets.toString()); }
Get a bucket
The following example gets an Amazon S3 compatible storage on Snow Family devices bucket using the AWS CLI. To use this command, replace each user input placeholder with your own information.
aws s3control get-bucket --account-id123456789012--bucketDOC-EXAMPLE-BUCKET--profileyour-profile--endpoint-url https://s3ctrlapi-endpoint-ip
For more information about this command, see get-bucket
The following Amazon S3 compatible storage on Snow Family devices example gets a bucket using the SDK for Java. For more information, see GetBucket in the Amazon Simple Storage Service API Reference.
import com.amazonaws.services.s3control.model.*; public void getBucket(String bucketName) { GetBucketRequest reqGetBucket = new GetBucketRequest() .withBucket(bucketName) .withAccountId(AccountId); GetBucketResult respGetBucket = s3ControlClient.getBucket(reqGetBucket); System.out.printf("GetBucket Response: %s%n", respGetBucket.toString()); }
Delete a bucket
Important
-
The AWS account that creates the bucket owns it and is the only one that can delete it.
-
Snow Family devices buckets must be empty before they can be deleted.
-
You cannot recover a bucket after it has been deleted.
The following example deletes an Amazon S3 compatible storage on Snow Family devices bucket using the AWS CLI. To use this command, replace each user input placeholder with your own information.
aws s3control delete-bucket --account-id123456789012--bucketDOC-EXAMPLE-BUCKET--profileyour-profile--endpoint-url https://s3ctrlapi-endpoint-ip
For more information about this command, see delete-bucket
