The Oracle Cloud Infrastructure (OCI) Object Storage service offers a highly scalable, high-performance storage platform designed for reliability and cost efficiency. It enables you to store an unlimited volume of unstructured data of any type, including analytics data, images, videos, and other rich content.
When integrated with Nasuni, OCI Object Storage serves as the cloud object backend for Nasuni’s file data platform, providing seamless file storage, synchronization, and disaster recovery across distributed environments. This combination allows organizations to leverage OCI’s scalability and durability with Nasuni’s global file system for efficient, secure, and cost-effective data management.
Prerequisites
This document assumes that the customer has the following in place:
To enable virtual host-style access, customers must submit a request through Oracle Support. This is a temporary workaround for all customers until the target GA release (mid-February 2026). For more information, see Support Requests.
An active Oracle Cloud Infrastructure account and access to the appropriate tenancy. For more information, see Create and Activate an Oracle Cloud Account.
Identity and Access Management (IAM) permissions to access the OCI Object Storage. For more information, see "Manage Users, Groups, and Access in a Region with Identity Domains".
A valid Customer secret key. For more information, see Creating a Customer Secret Key.
Networking and firewall configurations
OCI Object Storage buckets can be accessed publicly through authorized API calls. If you plan to restrict access using a Virtual Cloud Network (VCN) or Private Endpoints, ensure the required configurations are configured in advance. For more information, see Security Rules.
Outbound connectivity from Nasuni Edge Appliance to OCI Object Storage endpoints and Nasuni NOC endpoints. For more information, see Nasuni Firewall and Port Requirements.
OCI Best Practices for using Nasuni with OCI Object Storage
When integrating Nasuni with OCI Object Storage using Nasuni’s S3 Connector (S3-compatible API), you must explicitly configure the correct region in Nasuni. Unlike AWS’s default S3 endpoint behavior, OCI does not provide automatic region discovery or fallback to us-east-1 for non-AWS endpoints. This is by design and based on OCI’s security enforcement for AWS Signature Version 4 (SigV4) authentication.
OCI generates signing keys per region and distributes them only to the corresponding region. The only exception is the tenancy’s home region, which also receives us-east-1 signing keys. This prevents a security compromise in one region from enabling credential reuse in another. Because the signing key is derived from the region name, requests that do not specify the correct region cannot be authenticated.
By default, deployments work as expected when accessing Object Storage in your home region. However, if API keys created in the home region (for example, us-ashburn-1) are used to access a different region (such as us-sanjose-1), authentication might fail because the signing-key domain does not match the target region.
If you require access across multiple regions, Oracle recommends using a parent tenancy with child tenancies whose home regions match the regions you need access to. This ensures that each region has its own signing-key domain, enabling successful authentication. For more information, see Creating a Child Tenancy
For further guidance, contact Oracle Support.
Tip: Note that the parent account must be subscribed to the target regions to successfully authenticate to an OCI Object Storage endpoint.
Oracle Government Cloud Storage Support
Nasuni customers can use Oracle Government Cloud Storage, which provides access to the same core services available in the commercial cloud environment.
Tip: Government customers who are interested in beginning a formal contract or conducting a proof of concept should contact their Oracle sales representative, just as commercial customers do. While the overall process is the same, government agencies might have additional standards, requirements, or procurement procedures that need to be followed. Contact Oracle Support for more information.
Virtual Host Style Support
Starting in October 2025, Oracle introduced support for virtual host-style access for OCI Object Storage. This feature is currently available only to a limited set of customers and is not enabled by default. To enable virtual host-style access, you must submit a request through Oracle Support. For more information, see Support Requests.
For complete documentation on Amazon S3 Compatibility API Virtual Host Style Support in Object Storage, see Amazon S3 Compatibility API Virtual Host Style Support in Object Storage
Tip: Customers should ensure that they follow the required best practices when using Nasuni with OCI Object Storage.
Storage tiers
OCI Object Storage has 3 performance tiers: Standard, Infrequent Access, and Archive. Nasuni only supports online tiers: Standard and Infrequent Access.
Storing production data in the Standard tier is recommended for most volumes, because it provides the optimal balance of cost and performance without affecting Edge Appliance efficiency.
Transitioning Objects using Lifecycle Policy
To reduce storage costs over time, customers can automatically transition older or less frequently accessed data to the Infrequent Access tier, using OCI Object Storage Lifecycle Policy. This transition is fully managed within OCI, and no configuration changes are required on the Nasuni side to enable or support this functionality. For more information, see Object Storage Object Lifecycle Management.
Configuration
Nasuni supports Oracle Cloud Infrastructure Object Storage using the Nasuni Connector for Amazon S3.
Specifying credentials
To configure Nasuni credentials for OCI Object Storage, follow these steps:
Ensure that port 443 (HTTPS) is open between the Nasuni Edge Appliance and the object storage solution.
On the NEA UI, select Configuration. On the NMC, select Account.
Then select Cloud Credentials from the menu.
On the NEA UI, click Add Amazon S3 Credentials. On the NMC, click Add New Credentials, then select Amazon S3.
Enter information from the Oracle Cloud Storage account:
Name: A name for this set of credentials, which is used for display purposes.
Access Key ID: The bucket or container user name for authentication.
Secret Access Key: The bucket or container user password for authentication.
Hostname: The target endpoint URL of the object storage solution. For Oracle, see Object Storage Service API.
Tip: For more information, contact Oracle Support regarding the OCI Object Storage service endpoint.
Verify SSL Certificates: For self-signed certificates, certificates generated with a private root CA, or a default certificate, unselect Verify SSL Certificates. For a fully valid SSL certificate, select Verify SSL Certificates.
Filers (on NMC): The target Nasuni Edge Appliances.
Click Save Credentials.
The specified credentials are saved.
Adding volumes
At this point, you can begin adding volumes to the Nasuni Edge Appliance. To add a volume, follow these steps.
On the NMC, click Volumes, then click Create Volume from the list. The Create Volume page appears.
From the Target Filer drop-down list, select the NEA where the new volume is to be created.
Name: Enter a human-readable name for the volume.
Cloud Provider: Select Amazon S3.
Credentials: Select the Cloud Credentials for this volume.
Region: Select Other (S3 Compatible).
For the remaining options, select what is needed for the volume.
Click Create Volume.
This creates a new volume with OCI Object Storage.