Configure ShardSecure with Backblaze B2
    • Dark

    Configure ShardSecure with Backblaze B2

    • Dark

    Article summary

    ShardSecure is a simple, reliable, and affordable object store and provides a unique focus on securing data on back-end cloud infrastructure. You can configure ShardSecure with Backblaze B2 Cloud Storage.

    Enable Backblaze B2

    Before you begin: You must have a Backblaze B2 Cloud Storage account. If you already have a Backblaze account and the left navigation menu contains a B2 Cloud Storage section, your account is already enabled for Backblaze B2.

    1. Sign in to the Backblaze web console.
    2. In the user menu in the upper-right corner of the page, select My Settings.
    3. Under Enabled Products, select the checkbox to enable B2 Cloud Storage.
    4. Review the Terms and Conditions, and click OK to accept them. 

    Create a Bucket

    ShardSecure uses Backblaze B2 buckets to distribute and store data. Backblaze recommends that you create at least three buckets to ensure data distribution.

    You can enable Object Lock in the bucket within ShardSecure. You do not have to enable it in the Backblaze web console because ShardSecure is managing the bucket.

    Version History is currently not supported.

    1. Sign in to the Backblaze web console.
    2. In the left navigation menu under B2 Cloud Storage, click Buckets.
    3. Click Create a Bucket.
    4. Enter a name for your bucket. Bucket names must be at least six characters and globally unique.
      A message is displayed if your bucket name is already in use.
    5. Select a privacy setting: Private or Public. Files that are in a private bucket require authentication to perform an action, for example, downloading. Public buckets do not require authentication so you can easily share files. You can change a bucket's privacy settings at any time.
    6. If applicable, enable a Backblaze B2 server-side encryption key.
    7. Enable Object Lock to restrict a file from being modified or deleted for a specified period of time.
    8. Click Create a Bucket, and copy the value that is in the Endpoint field; you will need this value later.
    9. Click Lifecycle Settings to control how long to keep the files in your new bucket.
    If this is your first time creating a public bucket, complete the following tasks to ensure that you have the correct permissions to create a public bucket:

    1. Verify your email address.
    2. Have a payment history on file, or use the credit card form to pay a small fee that is credited to your account balance.

    Create an Application Key

    You must enable Read and Write as the type of access for the app key that you create for ShareSecure buckets.

    Application keys control access to your Backblaze B2 Cloud Storage account and the buckets that are contained in your account.

    1. Sign in to the Backblaze web console.
    2. In the left navigation menu under B2 Cloud Storage, click Application Keys.
    3. Click Add a New Application Key, and enter an app key name.
      You cannot search an app key by this name; therefore, app key names are not required to be globally unique.
    4. Select All or a specific bucket in the Allow Access to Bucket(s) dropdown menu.
    5. Optionally, select your access type (Read and Write, Read Only, or Write Only).
    6. Optionally, select the Allow List All Bucket Names checkbox (required for the B2 Native API b2_list_buckets and the S3-Compatible API S3 List Buckets operations).
    7. Optionally, enter a file name prefix to restrict application key access only to files with that prefix. Depending on what you selected in step #4, this limits application key access to files with the specified prefix for all buckets or just the selected bucket.
    8. Optionally, enter a positive integer to limit the time, in seconds, before the application key expires. The value must be less than 1000 days (in seconds).
    9. Click Create New Key, and note the resulting keyID and applicationKey values.
    When you create a new app key, the response contains the actual key string, for example N2Zug0evLcHDlh_L0Z0AJhiGGdY. You can always find the keyID on this page, but for security, the applicationKey appears only once. Make sure you copy and securely save this value elsewhere.

    Configure ShardSecure

    1. Open the ShardSecure configuration portal.
    2. Select ShardFileSystems, and click (add). 
    3. Select Backblaze from the Add Storage System drop-down menu.
    4. Enter a name for the ShardFileSystem, and click ADD.
    5. Enter your Backblaze B2 credentials.
      1. Enter a name (for example, Backblaze B2).
      2. Enter your application key ID.
      3. Enter your application key. 
      4. Enter a key name as the user agent. 
      5. Click ADD SCF.
    6. Enter the name of your Backblaze B2 bucket, enter a name for the bucket in ShardSecure, and enter a value in the Shard Size field.
      The Shard Size should be 4 unless your ShardSecure Consultant recommends another value.
    7. Click ADD SCF.
    8. Repeat these steps to add all of the buckets that you configured in Backblaze.
      All of the Backblaze B2 buckets are displayed under the ShardFileSystem for Backblaze.

    Create a Policy

    1. Select Policies, and click (add).
    2. Enter the policy name, and click ADD.
    3. Select Rule to set a new rule for the policy.
    4. Select a Rule Type (for example Name), select a Rule Operator (for example, Equals), and enter a value (for example, *).
    5. Click SAVE.
    6. Click ShardContainerFiles to select your storage buckets.
    7. Click + (add) to add your Backblaze B2 buckets to the policy.
      All buckets are displayed under Configured Shard Container File.
    8. Click CLOSE to exit the setup dialog box.

    Configuration is now complete, and you are able to upload data to Backblaze using ShardSecure. After you upload the configuration to your ShardSecure cluster, you can create a bucket within ShardSecure and upload data using the S3-Compatible API. ShardSecure introduces data confidentiality, integrity, and availability before the data is stored in Backblaze B2.

    Was this article helpful?