> ## Documentation Index
> Fetch the complete documentation index at: https://docs.nscale.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Create endpoint

> Provisions a new S3-compatible object storage endpoint in the requested organization, project, and region using the selected immutable endpoint class. Access keys are managed through dedicated APIs, and identity policies are managed as part of the endpoint specification.



## OpenAPI

````yaml /openapi/storage-openapi.yaml post /api/v1/objectstorageendpoints
openapi: 3.0.3
info:
  title: Storage Service API
  description: |-
    The Storage Service API provides that allows provisioning and life cycle
    management of File and Object storage.
  version: 1.13.0
servers: []
security: []
paths:
  /api/v1/objectstorageendpoints:
    description: >-
      Manages S3-compatible object storage endpoints, enabling users to
      self-serve bucket creation through the access they provide.
    post:
      tags:
        - Object storage
      summary: Create endpoint
      description: >-
        Provisions a new S3-compatible object storage endpoint in the requested
        organization, project, and region using the selected immutable endpoint
        class. Access keys are managed through dedicated APIs, and identity
        policies are managed as part of the endpoint specification.
      requestBody:
        $ref: '#/components/requestBodies/objectStorageEndpointCreateRequest'
      responses:
        '201':
          $ref: '#/components/responses/objectStorageEndpointResponse'
        '400':
          $ref: '#/components/responses/badRequestResponse'
        '401':
          $ref: '#/components/responses/unauthorizedResponse'
        '403':
          $ref: '#/components/responses/forbiddenResponse'
        '422':
          $ref: '#/components/responses/unprocessableContentResponse'
        '500':
          $ref: '#/components/responses/internalServerErrorResponse'
      security:
        - oauth2Authentication: []
components:
  requestBodies:
    objectStorageEndpointCreateRequest:
      description: A request to create an object storage endpoint.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/objectStorageEndpointCreate'
          example:
            metadata:
              name: my-s3-endpoint
              description: A verbose description
              tags:
                - name: tag-name
                  value: tag-value
            spec:
              organizationId: 9a8c6370-4065-4d4a-9da0-7678df40cd9d
              projectId: e36c058a-8eba-4f5b-91f4-f6ffb983795c
              regionId: ba39bff5-b0d8-4c60-89e5-ed1104356b4a
              objectStorageEndpointClassId: 7b6f8b33-3ca8-4db2-b7ab-7bbf683efc6d
              identityPolicies:
                - name: bucket-admin
                  document:
                    Version: '2012-10-17'
                    Statement:
                      - Effect: Allow
                        Action:
                          - s3:ListBucket
                          - s3:GetObject
                        Resource:
                          - arn:aws:s3:::example-bucket
                          - arn:aws:s3:::example-bucket/*
  responses:
    objectStorageEndpointResponse:
      description: An object storage endpoint.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/objectStorageEndpointRead'
          example:
            metadata:
              id: a64f9269-36e0-4312-b8d1-52d93d569b7b
              name: my-s3-endpoint
              organizationId: 9a8c6370-4065-4d4a-9da0-7678df40cd9d
              projectId: e36c058a-8eba-4f5b-91f4-f6ffb983795c
              creationTime: '2024-05-31T14:11:00Z'
              createdBy: john.doe@acme.com
              provisioningStatus: provisioned
              healthStatus: healthy
              tags:
                - name: tag-name
                  value: tag-value
            spec:
              objectStorageEndpointClassId: 7b6f8b33-3ca8-4db2-b7ab-7bbf683efc6d
              identityPolicies:
                - name: bucket-admin
                  document:
                    Version: '2012-10-17'
                    Statement:
                      - Effect: Allow
                        Action:
                          - s3:ListBucket
                          - s3:GetObject
                        Resource:
                          - arn:aws:s3:::example-bucket
                          - arn:aws:s3:::example-bucket/*
            status:
              regionId: ba39bff5-b0d8-4c60-89e5-ed1104356b4a
              exposure:
                public:
                  dnsName: s3.example.com
    badRequestResponse:
      description: |-
        Request body failed schema validation, or the request does not contain
        all the required fields.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/error'
          example:
            error: invalid_request
            error_description: request body invalid
            trace_id: 57bc14d9bd461f0b5a72db830149b67a
    unauthorizedResponse:
      description: Authentication failed or the access token has expired.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/error'
          example:
            error: access_denied
            error_description: authentication failed
            trace_id: 57bc14d9bd461f0b5a72db830149b67a
    forbiddenResponse:
      description: >-
        Request was denied by authorization, this may be caused by the
        authorization

        token not having the required scope for an API, or the user doesn't have
        the

        necessary privileges on the provider platform.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/error'
          example:
            error: forbidden
            error_description: user credentials do not have the required privileges
            trace_id: 57bc14d9bd461f0b5a72db830149b67a
    unprocessableContentResponse:
      description: >-
        The provided request was syntactically correct but the instruction was
        unable to

        be processed due to semantic errors.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/error'
          example:
            error: unprocessable_content
            error_description: the request body was in the wrong format
            trace_id: 57bc14d9bd461f0b5a72db830149b67a
    internalServerErrorResponse:
      description: >-
        An unexpected or unhandled error occurred. This may be a transient error
        and

        may succeed on a retry.  If this isn't the case, please report it as an
        issue.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/error'
          example:
            error: server_error
            error_description: failed to token claim
            trace_id: 57bc14d9bd461f0b5a72db830149b67a
  schemas:
    objectStorageEndpointCreate:
      description: An object storage endpoint create request.
      type: object
      required:
        - metadata
        - spec
      properties:
        metadata:
          $ref: '#/components/schemas/resourceMetadata'
        spec:
          allOf:
            - type: object
              required:
                - organizationId
                - projectId
                - regionId
              properties:
                organizationId:
                  description: The organization to provision the resource in.
                  type: string
                projectId:
                  description: The project to provision the resource in.
                  type: string
                regionId:
                  description: The region to provision the object storage endpoint in.
                  type: string
            - $ref: '#/components/schemas/objectStorageEndpointSpec'
    objectStorageEndpointRead:
      description: >-
        An S3-compatible object storage endpoint that allows users to
        self-service create buckets through the access it exposes.
      type: object
      required:
        - metadata
        - spec
        - status
      properties:
        metadata:
          $ref: '#/components/schemas/projectScopedResourceReadMetadata'
        spec:
          $ref: '#/components/schemas/objectStorageEndpointSpec'
        status:
          $ref: '#/components/schemas/objectStorageEndpointStatus'
    error:
      description: Generic error message, compatible with oauth2.
      type: object
      required:
        - error
        - error_description
      properties:
        error:
          description: >-
            A terse error string expanding on the HTTP error code. Errors are
            based on the OAuth 2.02 specification, but are expanded with
            proprietary status codes for APIs other than those specified by
            OAuth 2.02.
          type: string
          enum:
            - invalid_request
            - server_error
            - access_denied
            - not_found
            - conflict
            - method_not_allowed
            - unsupported_media_type
            - request_entity_too_large
            - unprocessable_content
            - forbidden
        error_description:
          description: Verbose message describing the error.
          type: string
        trace_id:
          description: Unique trace identifier for the request.
          type: string
    resourceMetadata:
      description: Metadata required for all API resource reads and writes.
      required:
        - name
      properties:
        name:
          $ref: '#/components/schemas/kubernetesLabelValue'
        description:
          description: >-
            The resource description, this optionally augments the name with
            more context.
          type: string
        tags:
          $ref: '#/components/schemas/tagList'
    objectStorageEndpointSpec:
      description: An object storage endpoint specification.
      type: object
      required:
        - objectStorageEndpointClassId
      properties:
        objectStorageEndpointClassId:
          description: >-
            The immutable object storage endpoint class selected when the
            endpoint was created.
          type: string
        identityPolicies:
          $ref: '#/components/schemas/objectStorageIdentityPolicyList'
          description: >-
            The identity policies configured for this object storage endpoint.
            Policy names must be unique within the endpoint.
    projectScopedResourceReadMetadata:
      description: Metadata required by project scoped resource reads.
      allOf:
        - $ref: '#/components/schemas/organizationScopedResourceReadMetadata'
        - type: object
          required:
            - projectId
          properties:
            projectId:
              description: The project identifier the resource belongs to.
              type: string
    objectStorageEndpointStatus:
      description: The observed status of an object storage endpoint.
      type: object
      required:
        - regionId
      properties:
        regionId:
          description: The region the object storage endpoint is provisioned in.
          type: string
        exposure:
          $ref: '#/components/schemas/objectStorageEndpointExposureStatus'
    kubernetesLabelValue:
      description: >-
        A valid Kubernetes label value, typically used for resource names that
        can be

        indexed in the database.
      type: string
      pattern: ^[0-9A-Za-z](?:[0-9A-Za-z-_.]{0,61}[0-9A-Za-z])?$
    tagList:
      description: A list of tags.
      type: array
      items:
        $ref: '#/components/schemas/tag'
    objectStorageIdentityPolicyList:
      description: A list of identity policies configured for an object storage endpoint.
      type: array
      items:
        $ref: '#/components/schemas/objectStorageIdentityPolicySpec'
    organizationScopedResourceReadMetadata:
      description: Metadata required by organization scoped resource reads.
      allOf:
        - $ref: '#/components/schemas/resourceReadMetadata'
        - type: object
          required:
            - organizationId
          properties:
            organizationId:
              description: The organization identifier the resource belongs to.
              type: string
    objectStorageEndpointExposureStatus:
      description: The externally reachable endpoints for an object storage endpoint.
      type: object
      properties:
        public:
          $ref: '#/components/schemas/objectStorageEndpointExposureDetailsStatus'
    tag:
      description: >-
        A tag mapping arbitrary names to values.  These have no special meaning

        for any component are are intended for use by end users to add
        additional

        context to a resource, for example to categorize it.
      type: object
      required:
        - name
        - value
      properties:
        name:
          description: A unique tag name.
          type: string
        value:
          description: The value of the tag.
          type: string
    objectStorageIdentityPolicySpec:
      description: A named identity policy configured for an object storage endpoint.
      type: object
      required:
        - name
        - document
      properties:
        name:
          description: >-
            The identity policy name. Names must be unique within the object
            storage endpoint.
          type: string
          minLength: 1
        document:
          $ref: '#/components/schemas/objectStorageIdentityPolicyDocument'
    resourceReadMetadata:
      description: Metadata required by all resource reads.
      allOf:
        - $ref: '#/components/schemas/staticResourceMetadata'
        - type: object
          required:
            - provisioningStatus
            - healthStatus
          properties:
            deletionTime:
              description: The time the resource was deleted.
              type: string
              format: date-time
            provisioningStatus:
              $ref: '#/components/schemas/resourceProvisioningStatus'
            healthStatus:
              $ref: '#/components/schemas/resourceHealthStatus'
    objectStorageEndpointExposureDetailsStatus:
      description: Connection details for a specific exposure mode.
      type: object
      required:
        - dnsName
      properties:
        dnsName:
          description: The DNS hostname clients use to reach the endpoint.
          type: string
    objectStorageIdentityPolicyDocument:
      description: >-
        A provider-specific identity policy document represented as an arbitrary
        JSON object.
      type: object
      additionalProperties: true
    staticResourceMetadata:
      description: |
        This metadata is for resources that just exist, and don't require
        any provisioning and health status, but benefit from a standardized
        metadata format.
      type: object
      allOf:
        - $ref: '#/components/schemas/resourceMetadata'
        - type: object
          required:
            - id
            - creationTime
          properties:
            id:
              description: The unique resource ID.
              type: string
            creationTime:
              description: The time the resource was created.
              type: string
              format: date-time
            createdBy:
              description: The user who created the resource.
              type: string
            modifiedTime:
              description: The time a resource was updated.
              type: string
              format: date-time
            modifiedBy:
              description: The user who updated the resource.
              type: string
    resourceProvisioningStatus:
      description: The provisioning state of a resource.
      type: string
      enum:
        - unknown
        - pending
        - provisioning
        - provisioned
        - deprovisioning
        - error
    resourceHealthStatus:
      description: The health state of a resource.
      type: string
      enum:
        - unknown
        - healthy
        - degraded
        - error
  securitySchemes:
    oauth2Authentication:
      description: Operation requires OAuth 2.0 bearer token authentication.
      type: oauth2
      flows:
        authorizationCode:
          authorizationUrl: https://identity.nks.europe-west4.nscale.com/oauth2/v2/authorization
          tokenUrl: https://identity.nks.europe-west4.nscale.com/oauth2/v2/token
          scopes: {}

````