...

• Solution must comply with Amazon Simple Storage Service API Reference (API Version 2006-03-01) at http://aws.amazon.com/documentation/s3/^{Image Removed}
• Specific part of specification used is REST API as described at http://docs.amazonwebservices.com/AmazonS3/latest/dev/Introduction.html#API^{Image Removed}.
• For driver tooling examples see http://aws.amazon.com/developertools/^{Image Removed}

Feature specifications

...

The configuration environment is controlled by a file which needs to be accurately defined at the time of installation. Within the cloud bridge installation directory, the file is at conf/cloud-bridge.properties. Typical configuration information defined in this file is

host=http://myhost:8080/awsapi^{Image Removed}
storage.root=/mounts/mymountpoint
storage.multipartDir=_multipartuploads_
bucket.dns=false
serviceEndpoint=myhost:8080

So configured, the S3 API REST translation service will be running at http://myhost:8080/awsapi/rest/AmazonS3/^{Image Removed}.

The following step, with tomcat running, is to set up user keys using the script awsapi-setup/setup/cloudstack-aws-api-register. This needs setting up in accordance with the following example

./cloudstack-aws-api-register -u http://localhost:8080/awsapi/rest/AmazonS3^{Image Removed} -a MyAccessIDKey -s MySecretKey openssl_generated.mycert.pem

...

• List All Buckets,
  Example using the simplest GET request, http://myhost:8080/awsapi/rest/AmazonS3^{Image Removed}
  Specified at docs.amazonwebservices.com/AmazonS3/latest/API/RESTServiceGET.htm
• GET Bucket's Objects,
  Example using GET http://myhost:8080/awsapi/rest/AmazonS3/mybucket1^{Image Removed}
  Specified at docs.amazonwebservices.com/AmazonS3/latest/API/RESTBucketGET.htm
• GET a Bucket
  Example using GET http://myhost:8080/awsapi/rest/AmazonS3/mybucket1?max-keys=10^{Image Removed}
  Specified at docs.amazonwebservices.com/AmazonS3/latest/API/RESTServiceGET.htm
• GET Bucket acl,
  Example using GET http://myhost:8080/awsapi/rest/AmazonS3/mybucket1/?acl^{Image Removed}
  Specified at docs.amazonwebservices.com/AmazonS3/latest/API/RESTBucketGETacl.html
• List a Bucket's versions,
  Example using HEAD http://myhost:8080/awsapi/rest/AmazonS3/mybucket3/?versions&max-keys=999^{Image Removed}
  Specified at docs.amazonwebservices.com/AmazonS3/latest/API/RESTBucketGETVersion.html
• GET Bucket versioning status,
  Example using GET http://myhost:8080/awsapi/rest/AmazonS3/mybucket1/?versioning^{Image Removed}
  Specified at docs.amazonwebservices.com/AmazonS3/latest/API/RESTBucketGETversioningStatus.html
• Retrieve a Bucket's metadata,
  Example using HEAD http://myhost:8080/awsapi/rest/AmazonS3/mybucket1/?keyname3^{Image Removed}
  Specified at docs.amazonwebservices.com/AmazonS3/latest/API/RESTBucketHEAD.html
• List Multipart Uploads,
  Example using GET http://myhost:8080/awsapi/rest/AmazonS3/mybucket1/my_upload_1?uploadId=6^{Image Removed}
  Specified at docs.amazonwebservices.com/AmazonS3/latest/API/mpUploadListParts.html
• PUT Bucket,
  Example using PUT http://myhost:8080/awsapi/rest/AmazonS3/mybucket1^{Image Removed}
  Specified at docs.amazonwebservices.com/AmazonS3/latest/API/RESTBucketPUT.html
• PUT Bucket acl,
  Example using PUT http://myhost:8080/awsapi/rest/AmazonS3/mybucket1/?acl^{Image Removed}
  Specified at docs.amazonwebservices.com/AmazonS3/latest/API/RESTBucketPUTacl.html
• PUT Bucket versioning status,
  Example using PUT http://myhost:8080/awsapi/rest/AmazonS3/mybucket2/?versioning^{Image Removed}
  Specified at docs.amazonwebservices.com/AmazonS3/latest/API/RESTBucketPUTVersioningStatus.html
• DELETE Bucket,
  Example using DELETE http://myhost:8080/awsapi/rest/AmazonS3/mybucket2^{Image Removed}
  Specified at docs.amazonwebservices.com/AmazonS3/latest/API/RESTBucketDELETE.html
• GET a Bucket's Objects,
  Example using GET http://myhost:8080/awsapi/rest/AmazonS3/mybucket1^{Image Removed}
  Specified at docs.amazonwebservices.com/AmazonS3/latest/API/RESTBucketGET.htm
• GET an Object from a Bucket,
  Example using GET http:/myhost:8080/awsapi/rest/AmazonS3/mybucket2/keyname1
  Specified at docs.amazonwebservices.com/AmazonS3/latest/API/RESTObjectGET.html
• GET Object acl,
  Example using GET http://myhost:8080./awsapi/rest/AmazonS3/mybucket1/?acl^{Image Removed}
  Specified at docs.amazonwebservices.com/AmazonS3/latest/API/RESTBucketGETacl.html
• PUT an Object into a Bucket,
  Example using PUT http://myhost:8080/awsapi/rest/AmazonS3/mybucket2/keyname1^{Image Removed}
  Specified at docs.amazonwebservices.com/AmazonS3/latest/API/RESTObjectPUT.html
• POST a file Object into a Bucket,
  Example using example HTML forms to send, POST http://myhost:8080/awsapi/rest/AmazonS3^{Image Removed}
  Specified at docs.amazonwebservices.com/AmazonS3/latest/API/RESTObjectPOST.html
• PUT Object acl,
  Example using PUT http://myhost:8080/awsapi/rest/AmazonS3/mybucket4/thirdk4?acl^{Image Removed}
  Specified at docs.amazonwebservices.com/AmazonS3/latest/API/RESTObjectPUTacl.html
• Initiate Multipart Upload,
  Example using POST http://myhost:8080/awsapi/rest/AmazonS3/mybucket1/my_upload_1?uploads^{Image Removed}
  Specified at docs.amazonwebservices.com/AmazonS3/latest/API/mpUploadInitiate.html
• Upload Part,
  Example using PUT http://myhost:8080/awsapi/rest/AmazonS3/mybucket1/my_upload_1?uploadId=6&partNumber=1^{Image Removed}
  Specified at docs.amazonwebservices.com/AmazonS3/latest/API/mpUploadUploadPart.html
• Complete Multipart Upload,
  Example using POST http://myhost:8080/awsapi/rest/AmazonS3/mybucket1/my_upload_1?uploadId=6^{Image Removed}
  Specified at docs.amazonwebservices.com/AmazonS3/latest/API/mpUploadComplete.html
• Abort Multipart Upload,
  Example using DELETE http://myhost:8080/awsapi/rest/AmazonS3/mybucket1/my_upload_1?uploadId=6^{Image Removed}
  Specified at docs.amazonwebservices.com/AmazonS3/latest/API/mpUploadAbort.html
• List Parts for Upload,
  Example using GET http://myhost:8080/awsapi/rest/AmazonS3/mybucket1/my_upload_1?uploadId=6^{Image Removed}
  Specified at docs.amazonwebservices.com/AmazonS3/latest/API/mpUploadListParts.html
• DELETE Object,
  Example using DELETE http://myhost:8080/awsapi/rest/AmazonS3/mybucket1/?key_name_01^{Image Removed}
  Specified at docs.amazonwebservices.com/AmazonS3/latest/API/RESTObjectDELETE.html
• Delete Multiple Objects in one command,
  Example using POST http://myhost:8080/awsapi/rest/AmazonS3/mybucket3/?delete^{Image Removed}
  Specified at aws.amazon.com/releasenotes/Amazon-S3/7816383882128829
• Copy an Object between Buckets,
  Example using PUT http://myhost:8080/awsapi/rest/AmazonS3/mybucket2/key_k1b1^{Image Removed}
  Specified at docs.amazonwebservices.com/AmazonS3/latest/API/RESTObjectCopy.html

...

1. The incoming request is interpreted.
2. The authentication of the request is appended to it.
3. The service which processes the request provides a response.
4. The informational response is returned if successful or an error response provided otherwise, in accordance with http://docs.amazonwebservices.com/AmazonS3/latest/dev/UsingRESTError.html^{Image Removed}.

To validate the request data structure (termed the canonical string) the following rules are enforced by the design:

...

1. Get CloudStack running on the latest 3.0.x series
2. Enable the S3 API by setting the flag enable.s3.api to 'true' in the configuration table. This can be done through the UI or directly in MySQL:
   update configuration set value='true' where name='enable.s3.api';
3. Choose a local filesystem path where the objects will be stored. We can mount an NFS store or use the local filesystem. E.g,:
   • mkdir -p /mnt/s3
   • Ensure that the 'cloud' user can write to this directory
4. Edit the file $TOMCAT_HOME/conf/cloud-bridge.properties:
   • host=http://localhost:8080/awsapi^{Image Removed}
     storage.multipartDir=_multipartuploads_
     bucket.dns=false
     storage.root=<mount point or filesystem path>
     serviceEndpoint=localhost:8080
5. Restart CloudStack.
6. Obtain API and secret keys for a user (available in the Admin ui under Accounts -> Users)
   • CloudStack Api key = this is the same as the AWS access key id
   • CloudStack Secret key = this is the same as the AWS secret access key
7. Generate a private key and a self-signed X.509 certificate. Substitute your own desired storage location for /path/to/… below.
   • $ openssl req -x509 -nodes -days 365 -newkey rsa:2048 <http://rsa:2048/^{Image Removed}> -keyout /path/to/private_key.pem -out /path/to/cert.pem
8. Register the mapping from the X.509 certificate to your accounts API keys with CloudStack.
   • $ cloudstack-aws-api-register --apikey=<User’s Cloudstack API key> --secretkey=<User’s CloudStack Secret key> --cert=</path/to/cert.pem> --url=http://<cloudstack-server>:8080/awsapi/rest/AmazonS3
9. Configure the boto S3Connection object as follows:

...