Vault Console (Object Storage)

 

 

Overview

 

Partners and Clients can utilize Vault to manage and access their Object Storage via Zettagrid

Order Process

Order Storage via your Account Manager or support@zettagrid.com

 

Provide following details in ticket

  • Account ID (If current Zettagrid Client)

  • Storage Size (Min 10TB)

 

Vault login details will be supplied after order process!

Login Console https://vault.zettagrid.com/login

 

Getting Started

Use new login credentials recevied after order process.

 

When logging in the first time, a new member may be required to change their password.

 

Password Reset Required

When logging in the first time, a new member may be required to change their password.

  1. Go to the Login page and enter your email address/username and password.

  2. If required, please enter a new password.

 

Generate Root Access Keys

 

  1. Click on “Settings”

  2. Select “Access Keys”

  3. Click on “Generate Access Key”

This will present you with the ability to Copy or Download these keys. Please store in a safe place as this is the only time these keys will be available.

 

Reset Root Access Keys

  1. Click on “Settings”

  2. Select “Access Keys”

  3. Click on “Reset Access Key”

 

 

Warning: By performing a Root Access Key Reset, all current existing Root Access Keys will be deleted and replaced with a single new Root Access Key.

This will present you with the ability to Copy or Download these keys. Please store in a safe place as this is the only time these keys will be available.

Member Roles

Members have six different roles:

Root – can perform all actions in the Zettagrid Vault Console including managing Root Access Keys and managing account Members.

Administrator - can perform all actions in the Zettagrid Vault Console including managing account Members but cannot view Root Access Keys

Full Access – can perform all S3 actions but cannot view Members or Root Access Keys Access Keys

Full Access Limited – same functionality as Full Access but cannot perform S3 Delete actions

Download Only – can view all S3 action including the ability to Download a file

Read Only – can view all S3 actions and cannot Download a file

 

Managing Members - Root and Administrator Members can manage all aspects of their Members.

Create Additional Member Accounts

If additional access is required for management of your account you can create users under members.

 

  1. Click on “Settings”

  2. Select “Members”

  3. Click on “Create Member”

 

Password Reset Required forces the Member to enter a new password upon logging in the first time.

 

Enable MFA

To enable MFA select settings and profile tab

Scroll down and “Turn On” MFA

Complete process below

Going forward, you will be required to enter a code for your Authenticator application to login.

 

Disable Multi-factor Authentication (MFA)

Follow same process but select “Turn Off”

 

 

Working with Buckets and Objects

Accounts can store objects (folders and files) in buckets. Once you create a storage bucket, you can upload objects into the bucket. You can create up to 1000 buckets per account.

 

Create a Bucket

 

  1. On the Zettagrid Vault Console, click Create Bucket. If you are a new user, you may see a screen such as the one below.

 

  1. In the “ Bucket Name” area, enter a unique DNS-compliant name for your new bucket. You should develop a naming strategy following these guidelines:

● The name must be unique across all existing bucket names. A bucket name must:

Be a valid DNS-compliant name

Begin with a lowercase letter or number, and

Consist of 3 to 63 lowercase letters, numbers, periods, and/or dashes. The name cannot contain underscores, end with a dash, have consecutive periods, or use dashes adjacent to periods. And, the name cannot be formatted as an IP address (123.45.678.90).

● Choose a bucket name that reflects the objects you will store in the bucket.

 

The bucket name is visible in the URL that points to the objects you will put in the bucket.

 

  1. Select the region (geographic location) where you want the bucket to reside. The URL of the region you select is displayed with the region name.

Region will be locked down to Australia unless requested in other locations

 

  1. At this point, you have several options before creating the bucket.

 

Bucket Versioning - Can be enabled after bucket creation

Is a way to maintain multiple variations of an object in the same bucket. You can then retrieve and restore any version of an object in the bucket. This provides protection against inadvertent removal of an object (such as by overwriting or expiration).

Bucket Logging - Can be enabled after bucket creation

Creates a text log file of all access to the bucket. You can specify the target bucket in which to store log files as well as a prefix to include in the log file name

Object Locking - Object Lock must be enabled at the time a bucket is created. Buckets using Object Lock must also have Versioning enabled. Can help prevent objects from being deleted or overwritten for a fixed amount of time or indefinitely.

 

 

  1. Click Create to accept the information and create the bucket. A message at the top of your screen indicates that the bucket was created successfully. The new bucket is displayed on the Buckets View

 

 

Edit bucket properties via three dots icon at the end of the row to:

  • Delete or View/Edit Bucket

 

Test Bucket Privacy

Australia Sydney Zone

https://s3.ap-southeast-2.wasabisys.com/[bucket_name]

A private bucket that is NOT open to public access via Internet will return Access Denied: 

 

Working with a Bucket

 

Bucket Properties

Bucket properties can be viewed via the three dots icon :

 

Several settings can be changed

Object Lock must be enabled at the time a bucket is created.

 

Bucket Versioning

Bucket Versioning Versioning is a way to maintain multiple variations of an object in the same bucket. When versioning is enabled, you can then retrieve and restore any version of an object in the bucket. This provides protection against inadvertent removal of an object (such as by overwriting or expiration).

There are three Versioning states a bucket can be in

  • Unversioned

  • Enabled

  • Suspended

Once you version-enable a bucket, it can never return to an unversioned state. You can, however, suspend versioning on that bucket. The versioned objects that have been created will remain in the bucket. You will want to remove them specifically if they are no longer needed.

 

Enabling Bucket Versioning for Unversioned

  1. Select a Bucket that is Unversioned from the Buckets List.

  2. Click Properties.

  3. Under Bucket Versioning, click on Enable Versioning.

  4. Confirm that you want to Enable Versioning

 

Suspending Bucket Versioning for Versioned Buckets

  1. Select a Bucket that is Versioned from the Buckets List.

  2. Click Properties.

  3. Under Bucket Versioning, click on Suspend Versioning

  4. Confirm that you want to Suspend Versioning.

Bucket Logging

Bucket Logging creates a text log file of all access to the bucket. You can specify the target bucket in which to store log files as well as a prefix to include in the log file name.

 

Enabling Bucket Logging

  1. Select a Bucket from the Buckets List that you want to enable Bucket Logging for.

  2. Click Properties.

  3. Slide the switch to enable Bucket Logging.

  4. Enter a Logging Prefix to include in the log file name. Each log file will start with the characters you enter.

  5. Select a Target Bucket in which to store log files.

  6. Click Update to confirm your settings.

Object Locking

Object Locking can help prevent objects from being deleted or overwritten for a fixed amount of time or indefinitely. Object Locking must be enabled at Bucket Creation. Versioning must also be enabled on the bucket. Once enabled, Object Locking cannot be disabled.

 

Creating an Object Lock Bucket

  1. Click Create Bucket from the Buckets list

  2. Slide the switch next to Object Locking to enable Object Locking on this Bucket. (Note: Bucket Versioning will be enabled automatically)

 

Setting Object Locking Defaults

When Object Locking is enabled for a bucket, the Object Locking panel tab on the properties page for the bucket will have default settings that can be configured.

 

  1. Select a Bucket from the Buckets List that you would like to configure Object Locking Defaults for. (Note: This Bucket must have had Object Lock enable at Bucket Creation.)

  2. Click Properties

  3. Slide the switch next to Enable Bucket-Level Object Retention. These settings will automatically apply to all new objects placed into the bucket after you apply the settings.

  4. Configure a mode by selecting either Governance Mode or Compliance Mode.

-Configure the Retention Period (Time Scale and Retention Time)

  1. Click Update.

  2. Confirm

 

  • Objects placed in Governance Mode remain immutable until after they have reached the retain until date, unless a user has specific IAM permissions to alter the settings.

  • Objects placed in Compliance Mode remain immutable until after they have reached the retain until date. This cannot be reversed for any reason, by any user, regardless of user permissions.

 

View Object Lock information

  1. Click on a Bucket

  2. Click on an Object. The “Mode,” “Retain Until” date, and “Legal Hold” status are displayed.

 

 

 

If you want to modify the “Mode” and/or “Retain Until” date, click Edit (to the right of Object Locking). After making your change, click APPLY to save the Object Locking changes.

 

 

If object locking was not previously configured on the object:

  1. You can click

Enable Object Locking and Configure the Mode

 

 

Legal Hold

  1. You can toggle the Legal Hold on or off for the object. This will prevent anyone from Deleting the Object if enabled.

 

 

Storing Objects in Buckets

Follow the following steps to upload files via Vault:

  1. Select the bucket you want to use

  2. Click on Upload Files

  3. Browse or drag and drop files

  4. Click Start Upload to upload the objects.

 

 

Upload a file(s) by clicking the BROWSE FILES button. Then, navigate to find the file(s) you want to upload. You can use the Shift or Ctrl keys to select multiple files. (Continue with the next step.) If you choose the same file name from different folders, the file chosen last will be stored before the upload starts.

 

Avoid the use of the following special characters in a file name:

% (percent)

< (less than symbol)

> (greater than symbol)

\ (backslash)

# (pound sign)

? (question mark)

 

Certain file names may have non-ASCII characters that are 4 byte UTF8 characters (such as emojis). These characters are not support and will return a 400 error message to an application that tries to write a file with 4 byte UTF characters in the file name. We recommend renaming the affected files, if possible.

 

Remove files from upload list

To remove a file from the list before uploading, click X to the right of the file name. To remove all selected files before uploading, click Clear Files.

Click Start Upload to upload the objects.

A check appears to the right of each file name when it is successfully uploaded.

View File Versions

  1. Toggle on “Show Versions” from the Objects list

  2. Find the “versioned” objects in the Object list

 

Accessing Buckets from 3de Party Applications

Accessing your buckets via a 3de Party Application usually required the following

 

  • Bucket Name

  • S3 Compatible storage Service Point

  • Access and Security Keys

 

Example - CloudBerry Explorer

 

Zettagrid Vault - Service Point

Zettagrid Vault - Wasabi AP Southeast 2 (Sydney)

http://s3.ap-southeast-2.wasabisys.com

Zettagrid Vault - Wasabi AP Southeast 1 (Singapore)

http://s3.ap-southeast-1.wasabisys.com

 

Confirming bucket/data location via Vault

 

Access and Security Keys

Information on how to generate new access keys can be found in the start of the document

 

Q & A - VAULT Object Storage

 

  • Object Storage charges?

No egress charges

No API Request charges

Object Storage 30 day Retention Policy may apply

(If stored objects are deleted before they have been stored with Vault for a certain number of days, a Timed Deleted Storage charge equal to the storage charge for the remaining days will apply.)

 

  • Minimum storage duration policy work

This policy is comparable to the minimum storage duration policies that exist with some AWS and other hyperscaler storage services.

30 days for customers using Zettagrid Vault

One of the big advantages with Zettgrid is the 30 Day vs 90 Day retention policy!

Clients are more likely to have additional cost with 90 Day than 30 Day retention.

 

EXAMPLE - To better understand how the minimum storage retention policy works, let’s consider an example (a 90 day policy is used in this example).

-An object is stored in Vault on day 1

-On day 16, this object is deleted from Vault

In this example, you will be billed for:

-15 days of Timed Active Storage

-75 days of Timed Deleted Storage

 

  • Can I purchase more than 10TB of VAULT?

Yes, 10TB is only starting point. Customers can contact http://zettagrid.com or their account manager to purchase larger blocks.

 

  • I have a Zettagrid VDC, can I use VAULT?

Yes, you can use VAULT. You will just require a compatible S3 application installed on your virtual machine to mount the storage.

 

  • Can I use AWS Cli with Vault Object Storage?

 

  • Vault Powered by Wasabi Knowledge base questions

 

  • Migrate Object Storage from another Provider to Vault powered by Wasabi

 

  • Vault Powered by Wasabi vs AWS Features

Feature

Wasabi

AWS S3

 Management

  • Identity and Access Management (IAM)

  • Identity and Access Management (IAM)

 

  • Versioning

  • Versioning

 

  • Life Cycle Management

  • Life Cycle Management

 

  • Detailed Logging

  • Detailed Logging

 

  • Bucket Replication

  • Tagging

 

  • Event Trigger with SNS

  • Detailed Costing

 

 

  • Bucket Replication

 

 

  • Event Trigger with SNS

 

 

 

Performance

  • Concurrency

  • Concurrency

 

  • Parallel Downloads

  • Parallel Downloads

 

  • Strong Consistency

  • Strong Consistency

 

  • Multipart Upload

  • Multipart Upload

 

 

  • <1 min Retrieval from Archive

 

 

 

 Security

  • Object Lock

  • Object Lock

 

  • Server-side Encryption

  • Server-side Encryption

 

  • Multi-User Authentication 

  • Client-side Encryption

 

  • MFA

  • End-to-end Encryption

 

  • 11 x 9's durability

  • MFA

 

 

  • 11 x 9's durability

 

 

 

Availibility

  • Multi-Region Availibility 

  • Multi-Region Availibility 

 

  • 99.99%

  • 99.99%

 

 

 

 Pricing

  • Single hot tier. Flat cost per TB 

  • 8+ storage tiers at different costs

 

  • No egress fees

  • Egress and retrieval fees

 

  • No API fees

  • API fees