Setting up a Credentials File for Connecting to a Cold Tier Using the CLI or REST API

Describes how to create a credential file, with examples for AWS and Microsoft Azure.

Set up a credentials file on the host you plan to use for creating the cold tier if you are planning on using the credential option (and not pass the credentials on the command-line using the credential_str option).

For example, your credentials.txt file for AWS should look similar to the following sample file:

{
      "bucketName" : "defaultbucket3",
      "region": "us-east-1",
      "credentials" : {
         "accessKey" : "AB956CDE8F2GO7H9I4J2",
         "secretKey" : "5K1LmN92e65oPQRsTUvOfSbURxyEtYl2MmAocGi"
      }
}

The sample for Microsoft Azure is as follows:

maprcli tier create -name tier_azure_1 -type cold -url https://myobjectpools1.blob.core.windows.net -credential ~/creds_azure.txt
$ cat creds_azure.txt
      {
      "bucketName" : "bucket4",
      "credentials" : {
      "accessKey" : "myobjectpools1",
      "secretKey" : "N6GKkDPttqNc6rfTzhb2JNKwvdr9EraN89Mg8WaodrvPBeINBTZwhQu+Q3vX4ENeW+RQN42f+P8nXN0YasZWNA=="
                      }
      }

The credentials file (.txt file) contains the following properties in JSON format:

bucketName

The name of the bucket on the tier. If the bucket does not already exist on the tier, the command to create the tier attempts to create the bucket using the credentials in the credentials file. You can modify the name of the bucket only by using the -force option with the tier modify command

region

The S3 region to create the bucket on. Use the information in the following table to specify region information.

Vendor	Default Value	Notes
AWS	us-east-1	Specify region information as defined here. On AWS, each region can have a different URL. The URL must be provided with the `maprcli tier create` command. NOTE Because bucket names are unique across regions, make sure you specify the correct region for a given bucket in the credentials file. For example, suppose a bucket called myBucket3 in us-east-1; you cannot offload data to myBucket3 by specifying us-west-1 as the region in the credentials file.
GCS	us-east-1	Specify region information as described here.
HDP	N/A	Not required. If specified, Data Fabric ignores the value.
IBM	us-east-region	Not required. If specified, Data Fabric ignores the value.
Azure-Blobs	N/A	Not required. The region of the storage account is determined from the URL and data is offloaded into that region.
Minio	us-east-1	If you specify region, export the `MINIO_REGION` environment variable on the minio server as described in the Configuration Guide.
Scality	us-east-region	Not required. If specified, Data Fabric ignores the value.

You can modify the region only by using the -force option with the tier modify command.

accessKey and secretKey

The credentials for accessing the tier.

TIP

For Azure Blobs, the storage account name is the access key.

NOTE

Once the tier is created, Data Fabric does not require this file because CLDB stores the bucket, region, and credentials information.

HPE Ezmeral Data Fabric – Customer-Managed 7.9.0 Documentation
Abstract	This site contains documentation for the customer-managed platform of the HPE Ezmeral Data Fabric version 7.9.0 including installation, configuration, administration, and reference content, as well as content for the associated bundled ecosystem components and drivers.
Published	November 2024
Edition	7.9.0