A unique identifier that is associated with a secret access key

An access key and a secret access key are used together to sign programmatic S3 AWS API requests cryptographically.

See [Amazon access keys] for more details.

An alias for a key that is used in conjunction with the access key ID to cryptographically sign programmatic AWS requests. Signing a request identifies the sender and prevents the request from being altered.

You can generate secret access keys for your AWS account, individual users, and temporary sessions.

The root path of the bucket base container

The following options are available:

• Amazon S3

• OBS

Differences between these options are also described for other parameters within this table.

The default region

*Mandatory if S3 Type is “Amazon S3”

The service endpoint used for requests

This can be used for a non-standard service endpoint.

This can be a complete URL including protocol and port:
<https|http>://<host>:<port>

As an alternative, this can only be a host, for example:
yourS3.eu-central-1.amazonaws.com

In this latter case, the port (443 or 80) is internally selected depending on the detected protocol.

If Region and Endpoint options are not set the following values will be taken by default:

Region: “eu-de”

Enpoint: “obs.eu-de.otc.t-systems.com”

Can be either HTTP, HTTPS or OTC (default is HTTPS)
Disabled and set to HTTPS if the parameter S3 Type is “OBS”

A mode that determines about the level of protection against deletion

Only supported if the parameter S3 Type is “Amazon S3”

If you want to use a retention mode (other than NONE), you must use a bucket that was created beforehand via AWS with an enabled S3 Object Lock, e.g. according to the AWS documentation [AWS Bucket].

The following options are available: 

• NONE (default)

  This mode does not write the retention to the archive.

• GOVERNANCE

  In governance mode, users can’t overwrite or delete an object version or alter its lock settings unless they have special permissions. With governance mode, you protect objects against being deleted by most users. However, you can still grant some users permission to alter the retention settings or delete the object if necessary.

• COMPLIANCE

  In compliance mode, a protected object version can’t be overwritten or deleted by any user, including the root user in your AWS account. When an object is locked in compliance mode, its retention mode can’t be changed, and its retention period can’t be shortened.

The size for partial storage in MB

The range is between 5MB and 5000MB (default is 5MB).

An optional prefix that is added to all file keys in the bucket.

The prefix is used to distinguish different archives that share a bucket.

No white spaces are allowed.

The type of the proxy

The following values are supported:

• NONE

  No proxy is used.

• SYSTEM

  The proxy is specified via the JVM settings “…proxyHost” and “…proxyPort” on the application server. See Proxy settings for archive connection in [IM ImageMaster].

• DEDICATED

  The settings Proxy Host and Proxy Port are specified directly in this configuration dialog (see next parameters).

The host of the proxy, which is mandatory in case of the proxy type DEDICATED

The port of the proxy, which is mandatory in case of the proxy type DEDICATED

The client key alias that will be used for certificate-based authentication in HTTPS

If selected (the default state), the server certificate hostname will also be checked in the authentication process