Configure a Bucket
We highly recommend to read the page describing the Cloud Storage in Flashback and you can also set up a bucket with our API calls.
The guide is experimental and may contain errors as our technology continues to evolve. If you encounter any problems, please do not hesitate to contact us in Discord and give us your feedback.
Properties
Each bucket has the following properties:
Bucket Label (required) A human-readable description of the bucket.
Storage Type Supported storage types according to its API interface:
AWS S3 or equivalent S3-compatible storage buckets indicating the custom endpoint.
Google Cloud Storage or equivalent GCS-compatible storage buckets indicating the custom endpoint.
Microsoft Azure Blob.
Example: Connect to an S3-compatible endpoint, you will select “S3”.
Access Mechanisms for Flashback
There are 2 access mechanisms to the APIs:
Classic access Providing API key/secret (S3) or client email/private key (GCS).
Delegated access to Flashback platform account Only available if we access a native S3/GCS/Azure Blob endpoint:
S3: Require an access Role ARN (resource name) and external ID created for Flashback AWS user, with the access policy configured for the destination bucket(s).
GCS: Flashback service account (GCS) with token creation permission and permissions to the GCS buckets.
Azure: Flashback Azure identity with guest/service-principal access granted through RBAC at storage account or container scope. See Azure Blob delegated access.
For general details explaining how the delegation process/grant guest access works:
In AWS/S3, check out this article.
In Google Cloud/GCS, check out this article.
In Azure/Blob, check out this article.
Storage Type
All bucket and storage-account names must be globally unique across S3, GCS, and Azure—no two providers can use the same name. This is essential for a stable integration in the Repositories.
Collisions such as an S3/GCS bucket named mybucket and an Azure storage account or container under mybucket are not allowed, though multiple containers from the same Azure storage account are permitted.
AWS S3 or Compatible Provider
You must indicate the parameters to allow access the remote bucket.
Bucket Name As it appears in the S3 configuration or in the URLs.
Access Key/ARN (required) API key or AWS delegated Role ARN to access the bucket.
Secret Key (required) API secret or External ID to access the bucket.
Endpoint (optional) An URL for the endpoint. If empty, we assume we are connecting to AWS. If not empty, we assume a non-AWS S3-compatible API endpoint from an external data provider.
Region (required if endpoint field is empty) AWS region the bucket is in. Not needed if we provide a custom, non-AWS endpoint.
GCS or Compatible Provider
You must indicate the parameters to allow access the remote bucket.
Bucket Name As it shows in the Project storage section.
Client Email (required) Client email to access the bucket. It can be the service account or a delegated service account that has been configured to grant external access to Flashback's service account
Private Key (empty if delegated access) Private key to access the bucket.
Endpoint An URL of the endpoint. If empty, we assume we are connecting to a GCS bucket. If not empty, we assume a non-GCP GCS-compatible API endpoint from an external data provider.
Microsoft Azure
You must indicate the parameters to allow access the remote bucket (container in Azure terms).
Storage Account
Container
Access key: account key from Azure Storage Account (optional in delegated setups). For delegated guidance, see Configure Azure Blob delegated access.
Instructions
Here’s a step-by-step guide to creating a new Bucket in the Flashback Platform:
Access the Buckets page
In the left-hand menu, select Storage → Buckets.
Create a new Connector (called Bucket)
Click the + Add Bucket button and select the provider where you will connect your tenant bucket or storage account to this Flashback bucket.
Fill in the Bucket properties
On the “Create Bucket” form, enter the following fields (all are required unless noted otherwise):
Bucket Label: human-readable label for this bucket of the Flashback Platform (e.g. “Backups-EU”).
We recommend to have unique name per bucket to avoid issues when you'll set up your repository.
Storage Type: You can choose of:
S3 (AWS or any S3-compatible endpoint provider)
GCS (GCP or any GCS-compatible endpoint provider)
Azure Blob (only Microsoft Azure)
Add Vendor's Bucket
AWS or any S3-compatible provider
Bucket Name: The exact identifier as defined by your provider in your vendor tenant (e.g. the S3 bucket name in your AWS account).
Access Key: Your S3 API Key/AWS access key ID OR the IAM Role ARN if using AWS delegated Role ARN
Secret Key: Your AWS secret key OR External ID for delegated roles
Endpoint (optional): custom S3 endpoint URL OR leave blank if using AWS
Region: AWS region required if no custom endpoint.
GCP or any GCS-compatible provider
Bucket Name: The exact identifier as defined by your provider in your vendor tenant (e.g. the S3 bucket name in your GCS account).
Client Email: Your service account email OR a delegated service account
Private Key: service account private key OR leave blank if using delegated access
Endpoint (optional): custom GCS-compatible endpoint OR leave blank if using GCP
Azure
Storage Account: your Azure storage account name
Container: the container within that account
Access Key (optional): account key OR leave blank for delegated guest access
Save your new Bucket
Click Save (or Create) at the bottom of the form. Your bucket will now appear in the list, and you can begin using it in Repositories, generate API keys, or attach it to workflows.
Last updated
Was this helpful?