Working with VMware Cloud Director Object Storage Extension S3 API

VMware Cloud Director Object Storage Extension provides a set of S3 compatible APIs for bucket and object operations.

The VMware Cloud Director Object Storage Extension API support AWS Signature v4, VMware Cloud Director JSON Web Token (JWT) authentication method.

The VMware Cloud Director Object Storage Extension API support JSON and XML formats.

By default, the S3 APIs of VMware Cloud Director Object Storage Extension are available at https://object-storage-extension-host-address/ and https://object-storage-extension-host-address/api/v1/s3. Depending on the network configuration of your cloud provider, the address of VMware Cloud Director Object Storage Extension and the root path for the S3 API might be different from the default configuration.

The VMware Cloud Director Object Storage Extension S3 API documentation is available with the product at https://object-storage-extension-host-address/docs and in the VMware API Explorer at https://code.vmware.com/apis, under the VMware Cloud Director Object Storage Extension product category.

Using Security Credentials and VMware Cloud Director Object Storage Extension API

To see how you work with security credentials and VMware Cloud Director Object Storage Extension API, use the following example.

Create a user credential by using the VMware Cloud Director Object Storage Extension tenant portal.
By default, newly created user credentials are activated during creation.
Copy the access and secret keys.
Note the name of a bucket as it is displayed in the VMware Cloud Director Object Storage Extension tenant portal.

In your API client, use the AWS Signature authentication method to authenticate your API request by entering the API endpoint and the access and security keys.

For example, enter the following connection information:



API Endpoint	`https://Cloud-Director-Object-Storage-Extension-IP-Andreas:443`
Access key	`5a5af54cf34a172a511f`
Secret key	`omSG+UXSoyD1fbdFt0iia3I8I+f0QLSiIn5wpq1L`

To list all buckets owned by the owner of the user credential, run an S3 API GET request .

For example:

GET /HTTP/1.1
Host: vCloud-Director-Object-Storage-Extension-IP-addres:443
Accept: application/xml
X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Amz-Date: 20190717T014259Z
Authorization: AWS4-HMAC-SHA256 Credential=5a5af54cf34a172a511f/20190717/us-east-1/s3/aws4_request, SignedHeaders=accept;host;x-amz-content-sha256;x-amz-date, Signature=a1a0cfdc34fd4275f567ef673f14d8ff963242d29c13515506a3a913e7f38415
cache-control: no-cache

The system returns the following XML representation of the contents of the bucket:

<listBucketResult>
		<Name>bucket-name</Name>
		<KeyCount>1</KeyCount>
		<MaxKeys>1000</MaxKeys>
		<Contents>
			<Key>object-name</Key>
			<Owner>
				<ID>system-id-of-the-user</>
				<DisplayName>display-name-of-the-user</DisplayName>
			</Owner>
			<StorageClass>Storage-Class</StorageClass>
			<Size>object-size-in-KB</Size>
			<LastModified>last-modified-date</LastModified>
		</Contents>
		<IsTruncated>true-or-false</IsTruncated>
		<ContinuationToken>1-or-0</ContinuationToken>
</listBucketResult>

To obtain a user or an application credential, see Working with Security Credentials.