--- title: "Oracle Cloud Infrastructure (OCI) Object Storage Configuration" slug: "oracle-cloud-infrastructure-object-storage-configuration" updated: 2026-04-14T12:45:05Z published: 2026-04-14T12:45:05Z --- > ## Documentation Index > Fetch the complete documentation index at: https://docs.nasuni.com/llms.txt > Use this file to discover all available pages before exploring further. # Oracle Cloud Infrastructure (OCI) Object Storage Configuration The Oracle Cloud Infrastructure (OCI) Object Storage service offers a highly scalable, high-performance storage platform designed for reliability and cost efficiency. It enables you to store an unlimited volume of unstructured data of any type, including analytics data, images, videos, and other rich content. When integrated with Nasuni, OCI Object Storage serves as the cloud object backend for Nasuni’s file data platform, providing seamless file storage, synchronization, and disaster recovery across distributed environments. This combination allows organizations to leverage OCI’s scalability and durability with Nasuni’s global file system for efficient, secure, and cost-effective data management. ## Prerequisites This document assumes that the customer has the following in place: - An active Oracle Cloud Infrastructure account and access to the appropriate tenancy. For more information, see [Create and Activate an Oracle Cloud Account](https://docs.oracle.com/en/cloud/paas/content-cloud/administer/create-and-activate-oracle-cloud-account1.html). - Identity and Access Management (IAM) permissions to access the OCI Object Storage. For more information, see ["Manage Users, Groups, and Access in a Region with Identity Domains"](https://docs.oracle.com/en/cloud/paas/content-cloud/administer/manage-users-groups-and-access-region-identity-domains1.html). - A valid Customer secret key. For more information, see [Creating a Customer Secret Key](https://docs.oracle.com/en-us/iaas/Content/Identity/access/to_create_a_Customer_Secret_key.htm). - Networking and firewall configurations - OCI Object Storage buckets can be accessed publicly through authorized API calls. If you plan to restrict access using a Virtual Cloud Network (VCN) or Private Endpoints, ensure the required configurations are configured in advance. For more information, see [Security Rules](https://docs.oracle.com/en-us/iaas/Content/Network/Concepts/securityrules.htm). - Outbound connectivity from Nasuni Edge Appliance to OCI Object Storage endpoints and Nasuni NOC endpoints. For more information, see [Nasuni Firewall and Port Requirements](https://docs.nasuni.com/docs/firewall-and-port-requirements?highlight=firewall). ## **OCI Best Practices for using Nasuni with OCI Object Storage** When integrating Nasuni with OCI Object Storage using Nasuni’s S3 Connector (S3-compatible API), you must explicitly configure the correct region in Nasuni. Unlike AWS’s default S3 endpoint behavior, OCI does not provide automatic region discovery or fallback to us-east-1 for non-AWS endpoints. This is by design and based on OCI’s security enforcement for AWS Signature Version 4 (SigV4) authentication. OCI generates signing keys per region and distributes them only to the corresponding region. The only exception is the tenancy’s home region, which also receives us-east-1 signing keys. This prevents a security compromise in one region from enabling credential reuse in another. Because the signing key is derived from the region name, requests that do not specify the correct region cannot be authenticated. By default, deployments work as expected when accessing Object Storage in your home region. However, if API keys created in the home region (for example, **us-ashburn-1**) are used to access a different region (such as **us-sanjose-1**), authentication might fail because the signing-key domain does not match the target region. If you require access across multiple regions, Oracle recommends using a parent tenancy with child tenancies whose home regions match the regions you need access to. This ensures that each region has its own signing-key domain, enabling successful authentication. For more information, see [Creating a Child Tenancy](https://docs.oracle.com/en-us/iaas/Content/General/organization/child-tenancy-create.htm) For further guidance, contact Oracle Support. > [!NOTE] > ***Tip****: Note that the parent account must be subscribed to the target regions to successfully authenticate to an OCI Object Storage endpoint*. ### Oracle Government Cloud Storage Support Nasuni customers can use Oracle Government Cloud Storage, which provides access to the same core services available in the commercial cloud environment. > [!NOTE] > ***Tip****: Government customers who are interested in beginning a formal contract or conducting a proof of concept should contact their Oracle sales representative, just as commercial customers do. While the overall process is the same, government agencies might have additional standards, requirements, or procurement procedures that need to be followed. Contact Oracle Support for more information.* ## **Virtual Host Style Support** Starting in October 2025, Oracle introduced support for virtual host-style access for OCI Object Storage. For complete documentation on Amazon S3 Compatibility API Virtual Host Style Support in Object Storage, see [Amazon S3 Compatibility API Virtual Host Style Support in Object Storage](https://docs.oracle.com/en-us/iaas/Content/Object/s3-virtual-style.htm) > [!NOTE] > ***Tip****: Customers should ensure that they follow the required best practices when using Nasuni with OCI Object Storage.* ## Storage tiers OCI Object Storage has 3 performance tiers: Standard, Infrequent Access, and Archive. Nasuni only supports online tiers: Standard and Infrequent Access. Storing production data in the Standard tier is recommended for most volumes, because it provides the optimal balance of cost and performance without affecting Edge Appliance efficiency. ### Transitioning Objects using Lifecycle Policy To reduce storage costs over time, customers can automatically transition older or less frequently accessed data to the Infrequent Access tier, using OCI Object Storage Lifecycle Policy. This transition is fully managed within OCI, and no configuration changes are required on the Nasuni side to enable or support this functionality. For more information, see [Object Storage Object Lifecycle Management](https://docs.oracle.com/en-us/iaas/Content/Object/Tasks/usinglifecyclepolicies.htm). ## **Configuration** Nasuni supports Oracle Cloud Infrastructure Object Storage using the Nasuni Connector for Amazon S3. ### Specifying credentials To configure Nasuni credentials for OCI Object Storage, follow these steps: 1. Ensure that port 443 (HTTPS) is open between the Nasuni Edge Appliance and the object storage solution. 2. On the NEA UI, select **Configuration**. On the NMC, select **Account**. 3. Then select **Cloud Credentials** from the menu. 4. On the NEA UI, click **Add Amazon S3 Credentials**.****On the NMC, click**Add New Credentials**, then select **Amazon S3**. 5. Enter information from the **Oracle Cloud Storage** account: - **Name**: A name for this set of credentials, which is used for display purposes. - **Access Key ID**: The bucket or container user name for authentication. - **Secret Access Key**: The bucket or container user password for authentication. - **Hostname**: The target endpoint URL of the object storage solution. For example, vhcompat.objectstorage..[oci.customer-oci.com](http://oci.customer-oci.com) For Oracle, see [Object Storage Service API](https://docs.oracle.com/en-us/iaas/Content/Object/s3-virtual-style.htm). > [!TIP] > ***Tip****: For*more information*, contact Oracle Support regarding the OCI Object Storage service endpoint.* - **Verify SSL Certificates**: For self-signed certificates, certificates generated with a private root CA, or a default certificate, unselect **Verify SSL Certificates**. For a fully valid SSL certificate, select **Verify SSL Certificates**. - **Filers** (on NMC): The target Nasuni Edge Appliances. 6. Click **Save Credentials**. The specified credentials are saved. ### Adding volumes At this point, you can begin adding volumes to the Nasuni Edge Appliance. To add a volume, follow these steps. 1. On the NMC, click **Volumes**, then click **Create Volume** from the list. The **Create Volume** page appears. - From the **Target Filer** drop-down list, select the NEA where the new volume is to be created. - **Name**: Enter a human-readable name for the volume. - **Cloud Provider**: Select **Amazon S3**. - **Credentials**: Select the **Cloud Credentials** for this volume. - **Region**: Select **Other (S3 Compatible)**. - For the remaining options, select what is needed for the volume. 2. Click **Create Volume**. This creates a new volume with OCI Object Storage.