To configure VMware Cloud Director Object Storage Extension with AWS, you provide the region, the secret, and the access keys of your AWS payer account.

When you configure VMware Cloud Director Object Storage Extension with AWS, you establish the connection to the following AWS services:
  • Identity and Access Management (IAM) Service
  • Simple Storage Service (S3)
  • Security Token Service (STS)
  • Organization Service

Prerequisites

  • Verify that you prepared your AWS environment for configuration with VMware Cloud Director Object Storage Extension. See Prepare Your AWS Environment for Configuration.
  • Verify that VMware Cloud Director Object Storage Extension has outbound access to AWS services.

Procedure

  1. Open an SSH connection to the machine on which you installed VMware Cloud Director Object Storage Extension.
  2. Start the VMware Cloud Director Object Storage Extension Keeper service.
    systemctl start voss-keeper
  3. Configure the connection to AWS S3.
    ose amazon set --region aws-payer-account-region --access-key account-access-key --secret-key account-secret-key
    For example:
    ose amazon set --region us-east-1 --access-key AKIAIOSFODNN7EXAMPLE --secret-key wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
  4. Allow the use of AWS S3.
    ose platforms enable amazon
  5. Validate the configuration.
    ose config validate
    If all components are successfully configured, the system returns the following message:
    +-----------------------------+-------------+-----------------+-----------+
    |             Name            |   Required  |   Connectivity  |   Detail  |
    +=============================+=============+=================+===========+
    |           Database          |      Y      |      Normal     |           |
    +-----------------------------+-------------+-----------------+-----------+
    |         Certificate         |      Y      |      Normal     |           |
    +-----------------------------+-------------+-----------------+-----------+
    |        Cloud Director       |      Y      |      Normal     |           |
    +-----------------------------+-------------+-----------------+-----------+
    |        Platform - AWS       |      Y      |      Normal     |           |
    +-----------------------------+-------------+-----------------+-----------+
    |       AWS IAM service       |      Y      |      Normal     |           |
    +-----------------------------+-------------+-----------------+-----------+
    |        AWS S3 service       |      Y      |      Normal     |           |
    +-----------------------------+-------------+-----------------+-----------+
    |       AWS STS service       |      Y      |      Normal     |           |
    +-----------------------------+-------------+-----------------+-----------+
    |   AWS Organization service  |      Y      |      Normal     |           |
    +-----------------------------+-------------+-----------------+-----------+
    If the system returns an error, review the log file at /opt/vmware/voss/log.
  6. Verify the status of the VMware Cloud Director Object Storage Extension service.
    ose service show
    If the VMware Cloud Director Object Storage Extension service runs as expected, the system returns a Running status and configuration details.

    If you receive an error message, you can start the VMware Cloud Director Object Storage Extension service in debugging mode by adding the --debug argument and troubleshoot the problem.

  7. Start VMware Cloud Director Object Storage Extension services.
    ose service start
    Option Description
    Governance Mode A user with specific permissions can preview the retention policy.
    Compliance Mode The retention policy is not displayed to any user.
    No Retention Does not require the selection of a retention period. If you select this option, you can define the retention period later.
  8. (Optional) Get configuration details.
    ose amazon show
    The system returns the AWS configuration details.