Object Storage provides S3-compatible storage for buckets and objects. It is project-scoped and region-bound. Use it when you need an S3 endpoint for datasets, application assets, backups, artifacts, or other object-based workloads.Documentation Index
Fetch the complete documentation index at: https://docs.nscale.com/llms.txt
Use this file to discover all available pages before exploring further.
Prerequisites: You need an existing project, an available region, and permissions to create object storage endpoints and access keys before you can use Object Storage.
Summary
This page explains how to create and use Object Storage in the Nscale Console. By following the steps, you will:- Create a project-scoped, region-bound S3-compatible endpoint
- Find and filter Object Storage endpoints by region and status
- Manage endpoint access keys and identity policies from the endpoint details page
- Retrieve the endpoint URL after provisioning completes and use it with an S3-compatible client
Availability
This feature is currently only available for the reserved cloud service environment.Requirements
- Permissions to create and manage object storage resources
- A target project and region selected for the object storage endpoint
- An identity policy that allows the S3 actions your workload needs
- An S3-compatible client or SDK, such as the AWS CLI
The endpoint URL is available only after the endpoint finishes provisioning.
Object Storage Lifecycle
| Action | Details |
|---|---|
| Create endpoint | Provide a name, project, and region |
| Configure identity policies | Use the system-default-admin policy or add custom S3 policy documents for least-privilege access |
| Create access key | Create credentials tied to an identity policy. The secret is returned only once |
| Use S3 client | Use the endpoint URL with your access key ID and secret to create buckets and manage objects |
| Delete access key | Revoke a credential without deleting the endpoint or stored objects |
| Delete endpoint | Permanently remove the endpoint and the object storage resources associated with it |
Identity Policies
Identity policies define which S3 actions an access key can perform. Policies use AWS-style JSON policy documents withVersion, Statement, Effect, Action, and Resource fields.
If you create an endpoint without custom policies, Object Storage seeds a default system-default-admin policy that allows s3:* on all resources. For production workloads, create narrower policies for each workload or team.
In the console, identity policies are managed from the Identity Policies tab. New policies are added by providing a policy name and uploading a .json policy document.
Example read/write policy for all buckets:
S3 API Compatibility
Object Storage is S3-compatible for common bucket and object workflows, but it does not implement every AWS S3 feature. See the unsupported features bellow:| Unsupported feature | Description |
|---|---|
| Bucket CORS configuration | Bucket-level CORS rules are not supported through the S3 API. Requests such as PutBucketCors return NotImplemented. |
| IAM API | AWS IAM-compatible APIs for users, roles, and policies are not available on the Object Storage endpoint. Manage Object Storage access through identity policies and access keys. |
| Lifecycle rules | S3 lifecycle configuration is not supported through PutBucketLifecycleConfiguration. This includes expiration rules, aborting incomplete multipart uploads, and noncurrent version cleanup. Implement lifecycle cleanup in your application or automation. |
| Bucket metrics configuration | S3 bucket metrics configuration APIs are not supported. |
| Bucket replication | S3 replication configuration, including cross-region replication and same-region replication, is not supported through PutBucketReplication or related APIs. |
| SSE-C | Server-side encryption with customer-provided keys using x-amz-server-side-encryption-customer-* headers is not supported. |
| Signature Version 2 | Legacy SigV2 authentication is not supported. Use Signature Version 4 for all S3 requests. |
| Static website hosting | S3 static website hosting configuration is not supported. Serve static content through an application, web server, or CDN layer instead. |
| Suspend versioning | Enabling bucket versioning is supported, but suspending versioning after it has been enabled is not supported. |
Step-by-Step
- Open Object Storage
- Go to Storage → Object Storage in the console
- Use the search field to find an existing endpoint by name
- Use the Region and Status filters to narrow the list
- Create the Object Storage endpoint
- Click Create Object Storage
- Enter an Object Storage Name
- Select the Project
- Select an available Region from the region picker
- Click Create Object Storage and wait for the endpoint to reach Provisioned
- Open the endpoint details page
- Select the endpoint from the Object Storage list
- Confirm the header shows the endpoint name and a Provisioned status badge
- Use the Overview, Access Keys, and Identity Policies tabs to manage the endpoint
- Add or review identity policies
- Open the Identity Policies tab
- To add a policy, click Add Policy
- Provide a Policy Name and upload a
.jsoncustom policy document - Click Add Policy
- Create an access key
- Open the Access Keys tab
- Click Add Access Key
- Enter an access key name
- Click Next: Select Policy
- Select an existing identity policy, or upload a custom
.jsonpolicy document and give it a policy name - Click Add Access Key
- Copy the Access Key ID and Secret Access Key immediately from the creation dialog
- Configure your S3 client
- Set the endpoint URL, access key ID, and secret access key in your S3 client
- Use any S3-compatible workflow to create buckets and manage objects
Terraform Example
If you provision infrastructure with Terraform, use the Object Storage example in the publicterraform-provider-nscale repository as a starting point:
Object Storage Terraform Example
Create an Object Storage endpoint, identity policy, and access key with the nscale Terraform provider
Common Issues / Troubleshooting
- Symptom: You can’t select a region when creating Object Storage Likely cause: The selected project already has an endpoint in that region. Fix: Choose another project, or delete the existing endpoint for that project/region if it is no longer needed.
- Symptom: No endpoint URL is shown Likely cause: The endpoint is still provisioning or has not published its public exposure details yet. Fix: Wait for the endpoint status to become ready/provisioned. If the URL still does not appear, check the endpoint health status or contact support.
- Symptom: You can’t retrieve an access key secret later Likely cause: Secrets are returned only once, when the access key is created. Fix: Create a new access key, update your workload with the new credentials, then delete the old access key.
-
Symptom: S3 requests fail with access denied
Likely cause: The access key is attached to an identity policy that does not allow the requested S3 action or bucket/object resource.
Fix: Review the policy attached to the access key. Confirm it includes the required
s3:actions and the correct bucket/object resources. - Symptom: You can’t remove an identity policy Likely cause: One or more access keys still reference that policy. Fix: In the Identity Policies tab, check Keys Using. Delete or recreate the access keys that use the policy, then remove the policy.
Related Resources
Filesystem
Use shared NFS storage when workloads need a mounted filesystem
Instances
Run S3-compatible clients from your compute instances
Managed Kubernetes
Use Object Storage from applications running in Kubernetes clusters
API Reference
Manage object storage endpoints and access keys programmatically via the Storage Service API