The Broker allows Cloud Storage targets to be created and usage costs tracked against cost centres. Existing storage object stores can also be linked to allow tracking of their costs.
The following lists the supported cloud storage targets:
- Amazon AWS S3 buckets
- Microsoft Azure storage accounts
This article describes the steps required to manage cloud storage.
Prerequisites
- Administrative access to the Broker UI
Accessing Storage
This section describes the steps required to access storage targets.
- Login in the the Broker UI as an administrative user
- Navigate to Manage > Storage
- Select the tab for the storage provider
Note: Only tabs for plugin-enabled cloud providers will be displayed - A list of storage targets is displayed
Storage Actions
The following lists actions available for storage targets.
Action | Description |
View | View the storage target properties |
Permissions | Sets permissions to control access to the storage target |
Remove |
Removes the storage endpoint |
Creating a Storage Target
This section describes the steps required to create a new storage target.
- Access the Storage menu
- Select the cloud provider tab to create the storage target
Note: This example creates a new AWS S3 bucket - Click Add New
- In the Add New Bucket screen, provide the following information:
- Account: The Account which the storage target will be created in
- Region: The region which the storage target will be created in
- Bucket Name: A unique name for the S3 bucket
- Cost Centre: A Cost Centre to assign usage costs
- Description: A description for the storage target
- Click Add
- A message indicates the status of the request
Linking an Existing Storage Target
Existing storage targets created outside of the Broker can be brought under management, allowing usage costs to be associated to a Cost Centre.
This section describes the steps required to link an existing storage target.
- Access the Storage menu
- Select the cloud provider tab to link the storage target
Note: This example links and existing Azure Storage Account - Click Link Existing
- In the Link Existing Bucket screen, provide the following information:
- Account: The Account which from which to search for the storage target
- Storage Account: A drop-down list containing the storage accounts available from the selected Account
- Cost Centre: A Cost Centre to assign storage account usage costs
- Description: A description for the storage target
- Click Link
- A message indicates the status of the request
Removing a Storage Endpoint
This section describes the steps required to remove a storage target.
By default, removing a storage target will unlink the storage target from the Broker and does not delete the storage target from the service provider. Deletion of the storage target can be specified in the below steps.
- Access the Storage menu
- Select the cloud provider tab containing the storage endpoint to remove
Note: This example removes an AWS S3 bucket - For the storage endpoint to remove, select the View drop-down menu
Click Remove - In the Remove Bucket screen, provide the following information:
- Also physically delete Object Store: Check this option to also delete the storage target from the service provider - this is a non-reversible action
- Also physically delete Object Store: Check this option to also delete the storage target from the service provider - this is a non-reversible action
- Click Remove
- A message indicates the status of the request
Storage Endpoints Details
The View display's the storage endpoint properties.
Storage endpoint owners and administrators can modify the following properties in this screen:
- Cost Centre
- Description
Storage Endpoint Permissions
For AWS storage endpoints, Permissions allow for storage endpoint owners and administrators to control access to the storage endpoint. By default, no additional users are granted permissions to a storage endpoint and only the storage endpoint owner will have permissions.
Click Add User if other users require access - in this context, users are service providers users (AWS IAM users), not Broker users.
Click each of the Permissions (Read/Write) to toggle whether the listed user is allowed/denied the selected action.